mirror/opencloud
1
0
Fork 0
mirror of https://github.com/opencloud-eu/opencloud.git synced 2026-01-26 06:50:36 -05:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: mirror:test/fix-flaky-tests
Branches Tags
mirror:main mirror:test/fix-flaky-tests mirror:bump-web-5.0.0 mirror:reva-bump-2.42.0 mirror:next-release/main mirror:showTraceLink mirror:groupware mirror:next-release/stable-4.0 mirror:stable-4.0 mirror:fix/issue-2146 mirror:nats-tls-options mirror:test/test-hook-failure mirror:reduce-build-context mirror:stavros-k/main mirror:ocm-work mirror:bump-pkg-tracing-semconv-1.37.0 mirror:disableRunningCIWithWatchFS mirror:autodecode-base64-uuid mirror:triggerCi mirror:readtimeout mirror:stable-2.0 mirror:revaBump-2.39.0 mirror:dependabot/npm_and_yarn/services/idp/webpack-5.102.1 mirror:feat/app-provider-open-css-variables mirror:copilot/vscode1759406832111 mirror:dragonchaser/store-user-state-in-system-storage mirror:fix-dev-docker mirror:rolling-3.5.0 mirror:make-auth-bearer-runnable mirror:dependabot/npm_and_yarn/services/idp/postcss-preset-env-10.4.0 mirror:rolling-3.3.0 mirror:useLdapASServices mirror:thumbnailer-dimensions-env-alias mirror:bump-version-v2.0.3 mirror:deleteCommitIdFromReleaseVersion mirror:dragonchaser-patch-1 mirror:userPhotoTests mirror:adjust-frontend-config mirror:caseSearchWhenUserHasDowblePersonalSpaces mirror:remove-workspace mirror:docs-stable-2.0 mirror:update-labels mirror:debug-ci-failure mirror:runTestsInPosixAndDecomposed mirror:runTestInCIWithPosix mirror:fixTranslation mirror:localApiTests-CI mirror:run-dev-doc-pipelines mirror:delete#3099FromExpectedFailuresFile mirror:woodpecker-env mirror:hybrid-metadata-backend
mirror:v4.1.0 mirror:v4.0.1 mirror:4.0.1-rc.1 mirror:v4.0.1-rc.1 mirror:v4.0.0 mirror:v4.0.0-rc.5 mirror:v4.0.0-rc.4 mirror:4.0.0-rc.3 mirror:4.0.0-rc.2 mirror:4.0.0-rc.1 mirror:v3.7.0 mirror:v2.0.5 mirror:v3.6.0 mirror:v3.5.0 mirror:v3.4.0 mirror:v3.3.0 mirror:v3.2.1 mirror:v3.2.0 mirror:v2.0.4 mirror:v2.0.4-rc.1 mirror:v3.2.0-alpha.2 mirror:v3.2.0-alpha.1 mirror:v2.0.3 mirror:v3.1.0 mirror:v3.0.0 mirror:v2.3.0 mirror:v2.0.2 mirror:v2.2.0 mirror:v2.0.1 mirror:v2.1.0 mirror:v2.0.0 mirror:v2.0.0-beta.1 mirror:v1.1.0 mirror:v1.1.0-alpha.4 mirror:v1.1.0-alpha.3 mirror:v1.1.0-alpha.2 mirror:v1.1.0-alpha.1 mirror:v1.0.0 mirror:public_avail
..
compare: mirror:nats-tls-options
Branches Tags
mirror:test/fix-flaky-tests mirror:bump-web-5.0.0 mirror:reva-bump-2.42.0 mirror:next-release/main mirror:main mirror:showTraceLink mirror:groupware mirror:next-release/stable-4.0 mirror:stable-4.0 mirror:fix/issue-2146 mirror:nats-tls-options mirror:test/test-hook-failure mirror:reduce-build-context mirror:stavros-k/main mirror:ocm-work mirror:bump-pkg-tracing-semconv-1.37.0 mirror:disableRunningCIWithWatchFS mirror:autodecode-base64-uuid mirror:triggerCi mirror:readtimeout mirror:stable-2.0 mirror:revaBump-2.39.0 mirror:dependabot/npm_and_yarn/services/idp/webpack-5.102.1 mirror:feat/app-provider-open-css-variables mirror:copilot/vscode1759406832111 mirror:dragonchaser/store-user-state-in-system-storage mirror:fix-dev-docker mirror:rolling-3.5.0 mirror:make-auth-bearer-runnable mirror:dependabot/npm_and_yarn/services/idp/postcss-preset-env-10.4.0 mirror:rolling-3.3.0 mirror:useLdapASServices mirror:thumbnailer-dimensions-env-alias mirror:bump-version-v2.0.3 mirror:deleteCommitIdFromReleaseVersion mirror:dragonchaser-patch-1 mirror:userPhotoTests mirror:adjust-frontend-config mirror:caseSearchWhenUserHasDowblePersonalSpaces mirror:remove-workspace mirror:docs-stable-2.0 mirror:update-labels mirror:debug-ci-failure mirror:runTestsInPosixAndDecomposed mirror:runTestInCIWithPosix mirror:fixTranslation mirror:localApiTests-CI mirror:run-dev-doc-pipelines mirror:delete#3099FromExpectedFailuresFile mirror:woodpecker-env mirror:hybrid-metadata-backend
mirror:v4.1.0 mirror:v4.0.1 mirror:4.0.1-rc.1 mirror:v4.0.1-rc.1 mirror:v4.0.0 mirror:v4.0.0-rc.5 mirror:v4.0.0-rc.4 mirror:4.0.0-rc.3 mirror:4.0.0-rc.2 mirror:4.0.0-rc.1 mirror:v3.7.0 mirror:v2.0.5 mirror:v3.6.0 mirror:v3.5.0 mirror:v3.4.0 mirror:v3.3.0 mirror:v3.2.1 mirror:v3.2.0 mirror:v2.0.4 mirror:v2.0.4-rc.1 mirror:v3.2.0-alpha.2 mirror:v3.2.0-alpha.1 mirror:v2.0.3 mirror:v3.1.0 mirror:v3.0.0 mirror:v2.3.0 mirror:v2.0.2 mirror:v2.2.0 mirror:v2.0.1 mirror:v2.1.0 mirror:v2.0.0 mirror:v2.0.0-beta.1 mirror:v1.1.0 mirror:v1.1.0-alpha.4 mirror:v1.1.0-alpha.3 mirror:v1.1.0-alpha.2 mirror:v1.1.0-alpha.1 mirror:v1.0.0 mirror:public_avail

1 Commits
test/fix-f ... nats-tls-o

Author SHA1 Message Date
Jörn Friedrich Dreyer
5a647ab1cb add tls support for all nats connections 
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
 2026-01-08 13:23:16 +01:00
703 changed files with 11104 additions and 44301 deletions
Expand all files Collapse all files

132
.github/release_template.md vendored
View File

@@ -3,83 +3,79 @@
### Prerequisites
* [ ] DEV/QA: bump web version
* [ ] DEV/QA: bump reva version
* [ ] DEV/QA: DEV: Create rc tag `vx.y.z-rc.x`
* [ ] DEV: update introductionVersion
* [ ] DEV: add new production version
* [ ] DEV/QA: Kickoff meeting [Kickoff meeting] (https://???)
* [ ] DEV/QA: Define client versions and provide list of breaking changes for desktop/mobile team
* [ ] DEV/QA: Check new strings and align with clients
* [ ] DEV/DOCS: Create list of pending docs tasks
* [ ] DEV: Create branch `release-x.x.x-rc.x` -> CODEFREEZE
* [ ] DEV: bump opencloud version in necessary files
* [ ] DEV: `changelog/CHANGELOG.tmpl`
* [ ] DEV: `pkg/version/version.go`
* [ ] DEV: `sonar-project.properties`
* [ ] DEV: prepare changelog folder in `changelog/x.x.x_????_??_??`
* [ ] DEV: Check successful CI run on release branch
* [ ] DEV: Create signed tag `vx.y.z-rc.x`
* [ ] DEV: Check successful CI run on `vx.y.z-rc.x` tag / BLOCKING for all further activity
* [ ] DEV: Merge back release branch
* [ ] DEV: bump released deployments to `vx.y.z-rc.x`
* [ ] DEV: https://cloud.opencloud.eu/
* [ ] DEV: needs snapshot and migration
### QA Phase
* [ ] QA: Compatibility test with posix fs
* [ ] QA: Compatibility test with decomposed fs
* [ ] DEV/QA: Performance test
* [ ] STORAGE_USERS_DRIVER=posix
* [ ] 75vu's, 60m
* [ ] 75vu's, 60m
* [ ] STORAGE_USERS_DRIVER=decomposed
* [ ] 75vu's, 60m
* [ ] 75vu's, 60m
* [ ] QA: documentation test
* [ ] QA: Review documentation
* [ ] QA: Verify all new features documented
* [ ] QA: Create upgrade documentation
* [ ] QA: Check installation guides
* [ ] QA: Confirmatory testing (if needed)
* [ ] QA: [Compatibility test](???)
* [ ] QA: [Performance test](https://github.com/opencloud-eu/cdperf/tree/main/packages/k6-tests/src)
* [ ] QA: Documentation test:
* [ ] QA: Single binary - setup
* [ ] QA: Docker - setup
* [ ] QA: Docker-compose - setup
* [ ] QA: helm/k8s - setup
* [ ] QA: e2e with different deployment:
* [ ] QA: [wopi](???.works)
* [ ] QA: [traefik](???.works)
* [ ] QA: [ldap](???.works)
* [ ] QA: e2e with different storage:
* [ ] QA: decomposed
* [ ] QA: decomposeds3
* [ ] QA: posix
* [ ] QA: posix with enabled watch_fs
* [ ] QA: e2e with different deployments deployments:
* [ ] QA: e2e tests agains opencloud-charts
* [ ] QA: binary
* [ ] QA: multitanacy
* [ ] QA: docker using [docker-compose_test_plan](https://github.com/opencloud-eu/qa/blob/main/.github/ISSUE_TEMPLATE/docker-compose_test_plan_template.md)
* [ ] QA: local
* [ ] QA: nfs
* [ ] QA: s3
* [ ] QA: Different clients:
* [ ] QA: desktop (define version) https://github.com/opencloud-eu/client/releases
* [ ] QA: against mac - exploratory testing
* [ ] QA: against windows - exploratory testing
* [ ] QA: against mac - smoke test
* [ ] QA: against windows - smoke test
* [ ] QA: against linux (use auto tests)
* [ ] QA: android (define version) https://github.com/opencloud-eu/android/releases
* [ ] QA: ios (define version)
* [ ] QA: check docs german translation
* [ ] QA: german translations desktop at 100%
* [ ] QA: exploratory testing
* [ ] QA: [Smoke test](???) on Web Office (Collabora, Onlyoffice, Microsoft office)
* [ ] QA: Smoke test Hello extension
* [ ] QA: [Smoke test](???) ldap
* [ ] QA: Collecting errors found
### Collected bugs
* [ ] Please place all bugs found here
### After QA Phase
### After QA Phase (IT related)
* [ ] Brief company-wide heads up via mail @tbsbdr
* [ ] Create list of changed ENV vars and send to release-coordination@opencloud.eu
* [ ] Variable Name
* [ ] Introduced in version
* [ ] Default Value
* [ ] Description
* [ ] dependencies with user other components
* [ ] DEV: Create branch `release-x.x.x`
* [ ] DEV: bump OpenCloud version in necessary files
* [ ] DEV: `pkg/version/version.go`
* [ ] DEV: `sonar-project.properties`
* [ ] DEV: released deployment versions
* [ ] DEV: prepare changelog folder in `changelog/x.x.x_???`
* [ ] Release Notes + Breaking Changes @tbsbdr
* [ ] Migration + Breaking Changes Admin Doc @???
* [ ] DEV: Create final signed tag
* [ ] DEV: Check successful CI run on `vx.y.z` tag / BLOCKING for all further activity
* [ ] Merge release notes
* [ ] QA:bump version in pkg/version.go
* [ ] QA: Run CI
* [ ] DEV/QA: create final tag
* [ ] QA: observe CI Run on tag
* [ ] DEV/QA: Create a new `stable-*` branch
* [ ] (opencloud)[https://github.com/opencloud-eu/opencloud/branches]
* [ ] (web)[https://github.com/opencloud-eu/web/branches]
* [ ] (reva)[https://github.com/opencloud-eu/reva/branches]
* [ ] (opencloud-compose)[https://github.com/opencloud-eu/opencloud-compose/branches]
* [ ] DEV/QA:: publish release notes to the docs
* [ ] DEV/QA:: update (demo.opencloud.eu)[https://demo.opencloud.eu/]
### After QA Phase ( Marketing / Product / Sales related )
* [ ] notify marketing that the release is ready @tbsbdr
* [ ] announce in the public channel (matrix channel)[https://matrix.to/#/#opencloud:matrix.org]
* [ ] press information @AnneGo137
* [ ] press information @AnneGo137
* [ ] Blogentry @AnneGo137
* [ ] Internal meeting (Groupe Pre-Webinar) @db-ot
* [ ] Partner briefing (Partner should be informed about features, new) @matthias
* [ ] Webinar DE & EN @AnneGo137
* [ ] Präsentation DE @tbsbdr / @db-ot
* [ ] Präsentation EN @tbsbdr / @db-ot
* [ ] Website ergänzen @AnneGo137
* [ ] Features @AnneGo137
* [ ] Service & Support - New Enterprise Features @tbsbdr
* [ ] OpenCloud_Benefits.pdf updates @AnneGo137
* [ ] Welcome Files: Features as media @tbsbdr
* [ ] Flyer update @AnneGo137
* [ ] Sales presentation @matthias
### Post-release communication
* [ ] DEV: Create a `docs-stable-x.y` branch based on the docs folder in the OpenCloud repo @micbar
* [ ] DEV/QA: Ping documentation in RC about the new release tag (for opencloud/helm chart version bump in docs)
* [ ] DEV/QA: Ping marketing to update all download links (download mirrors are updated at the full hour, wait with ping until download is actually available)
* [ ] DEV/QA: Ping @??? once the demo instances are running this release
* [ ] DEV: Merge back release branch
* [ ] DEV: Create stable-x.y branch in the OpenCloud repo from final tag

289
.woodpecker.star
View File

@@ -15,17 +15,16 @@ OPEN_SEARCH = "opensearchproject/opensearch:2"
INBUCKET_INBUCKET = "inbucket/inbucket"
MINIO_MC = "minio/mc:RELEASE.2021-10-07T04-19-58Z"
OC_CI_ALPINE = "owncloudci/alpine:latest"
OC_CI_BAZEL_BUILDIFIER = "quay.io/opencloudeu/bazel-buildifier-ci:latest"
OC_CI_CLAMAVD = "quay.io/opencloudeu/clamav-ci:latest"
OC_CI_BAZEL_BUILDIFIER = "owncloudci/bazel-buildifier:latest"
OC_CI_CLAMAVD = "owncloudci/clamavd"
OC_CI_DRONE_ANSIBLE = "owncloudci/drone-ansible:latest"
OC_CI_GOLANG = "quay.io/opencloudeu/golang-ci:1.25"
OC_CI_NODEJS = "quay.io/opencloudeu/nodejs-ci:24"
OC_CI_NODEJS_ALPINE = "quay.io/opencloudeu/nodejs-alpine-ci:24"
OC_CI_PHP = "quay.io/opencloudeu/php-alpine-ci:%s"
OC_CI_WAIT_FOR = "quay.io/opencloudeu/wait-for-ci:latest"
OC_CI_GOLANG = "registry.heinlein.group/opencloud/golang-ci:1.25"
OC_CI_NODEJS = "owncloudci/nodejs:%s"
OC_CI_PHP = "owncloudci/php:%s"
OC_CI_WAIT_FOR = "owncloudci/wait-for:latest"
OC_CS3_API_VALIDATOR = "opencloudeu/cs3api-validator:latest"
OC_CI_WOPI_VALIDATOR = "quay.io/opencloudeu/wopi-validator-ci:latest"
OC_LITMUS = "owncloudci/litmus:latest"
OC_UBUNTU = "owncloud/ubuntu:20.04"
ONLYOFFICE_DOCUMENT_SERVER = "onlyoffice/documentserver:7.5.1"
PLUGINS_DOCKER_BUILDX = "woodpeckerci/plugin-docker-buildx:latest"
PLUGINS_NOTATION = "registry.heinlein.group/opencloud/notation-wp-plugin:latest"
@@ -38,7 +37,8 @@ REDIS = "redis:6-alpine"
READY_RELEASE_GO = "woodpeckerci/plugin-ready-release-go:latest"
OPENLDAP = "bitnamilegacy/openldap:2.6"
DEFAULT_PHP_VERSION = "8.4"
DEFAULT_PHP_VERSION = "8.2"
DEFAULT_NODEJS_VERSION = "20"
CACHE_S3_SERVER = "https://s3.ci.opencloud.eu"
@@ -91,10 +91,10 @@ event = {
# configuration
config = {
"cs3ApiTests": {
"skip": True,
"skip": False,
},
"wopiValidatorTests": {
"skip": True,
"skip": False,
},
"k6LoadTests": {
"skip": True,
@@ -111,13 +111,13 @@ config = {
"apiLocks",
"apiActivities",
],
"skip": True,
"skip": False,
},
"settings": {
"suites": [
"apiSettings",
],
"skip": True,
"skip": False,
"withRemotePhp": [True],
"emailNeeded": True,
"extraTestEnvironment": {
@@ -140,45 +140,45 @@ config = {
# skip tests for collaborativePosix. see https://github.com/opencloud-eu/opencloud/issues/2036
#"collaborativePosix",
],
"skip": True,
"skip": False,
"withRemotePhp": [True],
},
"graphUserGroup": {
"suites": [
"apiGraphUserGroup",
],
"skip": True,
"skip": False,
"withRemotePhp": [True],
},
"spaces": {
"suites": [
"apiSpaces",
],
"skip": True,
"skip": False,
},
"spacesShares": {
"suites": [
"apiSpacesShares",
],
"skip": True,
"skip": False,
},
"spacesDavOperation": {
"suites": [
"apiSpacesDavOperation",
],
"skip": True,
"skip": False,
},
"search1": {
"suites": [
"apiSearch1",
],
"skip": True,
"skip": False,
},
"search2": {
"suites": [
"apiSearch2",
],
"skip": True,
"skip": False,
},
"sharingNg": {
"suites": [
@@ -186,26 +186,33 @@ config = {
"apiSharingNg1",
"apiSharingNg2",
],
"skip": True,
"skip": False,
},
"sharingNgShareInvitation": {
"suites": [
"apiSharingNgShareInvitation",
],
"skip": True,
"skip": False,
},
"sharingNgLinkShare": {
"suites": [
"apiSharingNgLinkSharePermission",
"apiSharingNgLinkShareRoot",
],
"skip": True,
"skip": False,
},
"accountsHashDifficulty": {
"skip": False,
"suites": [
"apiAccountsHashDifficulty",
],
"accounts_hash_difficulty": "default",
},
"notification": {
"suites": [
"apiNotification",
],
"skip": True,
"skip": False,
"withRemotePhp": [True],
"emailNeeded": True,
"extraTestEnvironment": {
@@ -225,8 +232,9 @@ config = {
"suites": [
"apiAntivirus",
],
"skip": True,
"skip": False,
"antivirusNeeded": True,
"generateVirusFiles": True,
"extraServerEnvironment": {
"ANTIVIRUS_SCANNER_TYPE": "clamav",
"ANTIVIRUS_CLAMAV_SOCKET": "tcp://clamav:3310",
@@ -240,14 +248,14 @@ config = {
"suites": [
"apiSearchContent",
],
"skip": True,
"skip": False,
"tikaNeeded": True,
},
"ocm": {
"suites": [
"apiOcm",
],
"skip": True,
"skip": False,
"withRemotePhp": [True],
"federationServer": True,
"emailNeeded": True,
@@ -279,30 +287,21 @@ config = {
"GATEWAY_GRPC_ADDR": "0.0.0.0:9142",
},
},
"wopi-2": {
"suites": [
"apiCollaboration",
],
"skip": False,
"collaborationServiceNeeded": True,
"extraServerEnvironment": {
"GATEWAY_GRPC_ADDR": "0.0.0.0:9142",
},
},
"authApp": {
"suites": [
"apiAuthApp",
],
"skip": True,
"skip": False,
"withRemotePhp": [True],
},
"cliCommands": {
"suites": [
"cliCommands",
],
"skip": True,
"skip": False,
"withRemotePhp": [True],
"antivirusNeeded": True,
"generateVirusFiles": True,
"extraServerEnvironment": {
"ANTIVIRUS_SCANNER_TYPE": "clamav",
"ANTIVIRUS_CLAMAV_SOCKET": "tcp://clamav:3310",
@@ -315,7 +314,7 @@ config = {
"suites": [
"apiTenancy",
],
"skip": True,
"skip": False,
"withRemotePhp": [True],
"ldapNeeded": True,
"extraTestEnvironment": {
@@ -348,13 +347,13 @@ config = {
},
"coreApiTests": {
"numberOfParts": 7,
"skip": True,
"skip": False,
"skipExceptParts": [],
"storages": ["posix"],
},
"e2eTests": {
"part": {
"skip": True,
"skip": False,
"totalParts": 4, # divide and run all suites in parts (divide pipelines)
# suites to skip
"xsuites": [
@@ -371,14 +370,14 @@ config = {
],
},
"search": {
"skip": True,
"skip": False,
"suites": ["search"], # suites to run
"tikaNeeded": True,
},
},
"e2eMultiService": {
"testSuites": {
"skip": True,
"skip": False,
"suites": [
"smoke",
"shares",
@@ -520,7 +519,16 @@ def main(ctx):
)
test_pipelines = \
codestyle(ctx) + \
checkGherkinLint(ctx) + \
checkTestSuitesInExpectedFailures(ctx) + \
pipelinesDependsOn(buildWebCache(ctx), savePipelineNumber(ctx)) + \
pipelinesDependsOn(cacheBrowsers(ctx), savePipelineNumber(ctx)) + \
getGoBinForTesting(ctx) + \
pipelinesDependsOn(buildOpencloudBinaryForTesting(ctx), savePipelineNumber(ctx)) + \
checkStarlark(ctx) + \
build_release_helpers + \
testOpencloudAndUploadResults(ctx) + \
testPipelines(ctx)
build_release_pipelines = \
@@ -569,7 +577,7 @@ def main(ctx):
),
)
pipelines = test_pipelines + build_release_pipelines + genDocsPr(ctx) + notifyMatrix(ctx)
pipelines = test_pipelines + build_release_pipelines + notifyMatrix(ctx)
pipelineSanityChecks(pipelines)
return savePipelineNumber(ctx) + pipelines
@@ -603,7 +611,7 @@ def savePipelineNumber(ctx):
def evaluateWorkflowStep():
return [{
"name": "evaluate-previous-run",
"image": OC_CI_NODEJS_ALPINE,
"image": OC_CI_NODEJS % DEFAULT_NODEJS_VERSION,
"commands": [
"node tests/config/woodpecker/evaluate_pipeline.js",
],
@@ -659,10 +667,10 @@ def testPipelines(ctx):
storage = "decomposed"
if "skip" not in config["cs3ApiTests"] or not config["cs3ApiTests"]["skip"]:
pipelines += cs3ApiTests(ctx, storage)
pipelines += cs3ApiTests(ctx, storage, "default")
if "skip" not in config["wopiValidatorTests"] or not config["wopiValidatorTests"]["skip"]:
pipelines += wopiValidatorTests(ctx, storage, "builtin")
pipelines += wopiValidatorTests(ctx, storage, "cs3")
pipelines += wopiValidatorTests(ctx, storage, "builtin", "default")
pipelines += wopiValidatorTests(ctx, storage, "cs3", "default")
pipelines += localApiTestPipeline(ctx)
pipelines += coreApiTestPipeline(ctx)
@@ -720,7 +728,7 @@ def cacheGoBin():
},
{
"name": "archive-go-bin",
"image": OC_CI_NODEJS,
"image": OC_UBUNTU,
"commands": [
". ./.env",
"if $BIN_CACHE_FOUND; then exit 0; fi",
@@ -758,7 +766,7 @@ def restoreGoBinCache():
},
{
"name": "extract-go-bin-cache",
"image": OC_CI_NODEJS,
"image": OC_UBUNTU,
"commands": [
"tar -xvmf %s -C /" % dirs["gobinTarPath"],
],
@@ -959,7 +967,7 @@ def checkGherkinLint(ctx):
"steps": [
{
"name": "lint-feature-files",
"image": OC_CI_NODEJS_ALPINE,
"image": OC_CI_NODEJS % DEFAULT_NODEJS_VERSION,
"commands": [
"npm install -g @gherlint/gherlint@1.1.0",
"make test-gherkin-lint",
@@ -1051,12 +1059,12 @@ def codestyle(ctx):
return pipelines
def cs3ApiTests(ctx, storage):
def cs3ApiTests(ctx, storage, accounts_hash_difficulty = 4):
pipeline = {
"name": "test-cs3-API-%s" % storage,
"steps": evaluateWorkflowStep() +
restoreBuildArtifactCache(ctx, dirs["opencloudBinArtifact"], dirs["opencloudBinPath"]) +
opencloudServer(storage, deploy_type = "cs3api_validator") +
opencloudServer(storage, accounts_hash_difficulty, deploy_type = "cs3api_validator") +
[
{
"name": "cs3ApiTests",
@@ -1087,7 +1095,7 @@ def cs3ApiTests(ctx, storage):
])
return [pipeline]
def wopiValidatorTests(ctx, storage, wopiServerType):
def wopiValidatorTests(ctx, storage, wopiServerType, accounts_hash_difficulty = 4):
testgroups = [
"BaseWopiViewing",
"CheckFileInfoSchema",
@@ -1130,7 +1138,7 @@ def wopiValidatorTests(ctx, storage, wopiServerType):
for testgroup in testgroups:
validatorTests.append({
"name": "wopiValidatorTests-%s" % testgroup,
"image": OC_CI_WOPI_VALIDATOR,
"image": "owncloudci/wopi-validator",
"commands": [
"export WOPI_TOKEN=$(cat accesstoken)",
"echo $WOPI_TOKEN",
@@ -1146,7 +1154,7 @@ def wopiValidatorTests(ctx, storage, wopiServerType):
for builtinOnlyGroup in builtinOnlyTestGroups:
validatorTests.append({
"name": "wopiValidatorTests-%s" % builtinOnlyGroup,
"image": OC_CI_WOPI_VALIDATOR,
"image": "owncloudci/wopi-validator",
"commands": [
"export WOPI_TOKEN=$(cat accesstoken)",
"echo $WOPI_TOKEN",
@@ -1165,7 +1173,7 @@ def wopiValidatorTests(ctx, storage, wopiServerType):
"steps": evaluateWorkflowStep() +
restoreBuildArtifactCache(ctx, dirs["opencloudBinArtifact"], dirs["opencloudBinPath"]) +
waitForServices("fake-office", ["fakeoffice:8080"]) +
opencloudServer(storage, deploy_type = "wopi_validator", extra_server_environment = extra_server_environment) +
opencloudServer(storage, accounts_hash_difficulty, deploy_type = "wopi_validator", extra_server_environment = extra_server_environment) +
wopiServer +
waitForServices("wopi-fakeoffice", ["wopi-fakeoffice:9300"]) +
[
@@ -1210,21 +1218,29 @@ def wopiValidatorTests(ctx, storage, wopiServerType):
def localApiTestPipeline(ctx):
pipelines = []
with_remote_php = [True]
enable_watch_fs = [False]
if ctx.build.event == "cron":
with_remote_php.append(False)
enable_watch_fs.append(True)
defaults = {
"suites": {},
"skip": False,
"extraTestEnvironment": {},
"extraServerEnvironment": {},
"storages": ["posix"],
"accounts_hash_difficulty": 4,
"emailNeeded": False,
"antivirusNeeded": False,
"tikaNeeded": False,
"federationServer": False,
"collaborationServiceNeeded": False,
"extraCollaborationEnvironment": {},
"withRemotePhp": [True],
"enableWatchFs": [False],
"withRemotePhp": with_remote_php,
"enableWatchFs": enable_watch_fs,
"ldapNeeded": False,
"generateVirusFiles": False,
}
if "localApiTests" in config:
@@ -1239,14 +1255,6 @@ def localApiTestPipeline(ctx):
if "[decomposed]" in ctx.build.title.lower() or name.startswith("cli"):
params["storages"] = ["decomposed"]
if ctx.build.event == "cron":
params["withRemotePhp"] = [True, False]
params["enableWatchFs"] = [True, False]
# override withRemotePhp if specified in the suite config
if "withRemotePhp" in matrix:
params["withRemotePhp"] = matrix["withRemotePhp"]
for storage in params["storages"]:
for run_with_remote_php in params["withRemotePhp"]:
for run_with_watch_fs_enabled in params["enableWatchFs"]:
@@ -1271,15 +1279,16 @@ def localApiTestPipeline(ctx):
(waitForLdapService() if params["ldapNeeded"] else []) +
opencloudServer(
storage,
params["accounts_hash_difficulty"],
extra_server_environment = params["extraServerEnvironment"],
with_wrapper = True,
tika_enabled = params["tikaNeeded"],
watch_fs_enabled = run_with_watch_fs_enabled,
) +
(opencloudServer(storage, deploy_type = "federation", extra_server_environment = params["extraServerEnvironment"], watch_fs_enabled = run_with_watch_fs_enabled) if params["federationServer"] else []) +
(opencloudServer(storage, params["accounts_hash_difficulty"], deploy_type = "federation", extra_server_environment = params["extraServerEnvironment"], watch_fs_enabled = run_with_watch_fs_enabled) if params["federationServer"] else []) +
((wopiCollaborationService("fakeoffice") + wopiCollaborationService("collabora") + wopiCollaborationService("onlyoffice")) if params["collaborationServiceNeeded"] else []) +
(openCloudHealthCheck("wopi", ["wopi-collabora:9304", "wopi-onlyoffice:9304", "wopi-fakeoffice:9304"]) if params["collaborationServiceNeeded"] else []) +
localApiTest(params["suites"], storage, params["extraTestEnvironment"], run_with_remote_php) +
localApiTest(params["suites"], storage, params["extraTestEnvironment"], run_with_remote_php, params["generateVirusFiles"]) +
logRequests(),
"services": (emailService() if params["emailNeeded"] else []) +
(clamavService() if params["antivirusNeeded"] else []) +
@@ -1303,9 +1312,9 @@ def localApiTestPipeline(ctx):
pipelines.append(pipeline)
return pipelines
def localApiTest(suites, storage = "decomposed", extra_environment = {}, with_remote_php = False):
def localApiTest(suites, storage = "decomposed", extra_environment = {}, with_remote_php = False, generate_virus_files = False):
test_dir = "%s/tests/acceptance" % dirs["base"]
expected_failures_file = "%s/expected-failures-%s-storage.md" % (test_dir, storage)
expected_failures_file = "%s/expected-failures-localAPI-on-%s-storage.md" % (test_dir, storage)
environment = {
"TEST_SERVER_URL": OC_URL,
@@ -1328,6 +1337,11 @@ def localApiTest(suites, storage = "decomposed", extra_environment = {}, with_re
commands = []
# Generate EICAR virus test files if needed
if generate_virus_files:
commands.append("chmod +x %s/tests/acceptance/scripts/generate-virus-files.sh" % dirs["base"])
commands.append("bash %s/tests/acceptance/scripts/generate-virus-files.sh" % dirs["base"])
# Merge expected failures
if not with_remote_php:
commands.append("cat %s/expected-failures-without-remotephp.md >> %s" % (test_dir, expected_failures_file))
@@ -1350,6 +1364,7 @@ def coreApiTestPipeline(ctx):
"numberOfParts": 7,
"skipExceptParts": [],
"skip": False,
"accounts_hash_difficulty": 4,
}
pipelines = []
@@ -1370,10 +1385,6 @@ def coreApiTestPipeline(ctx):
params["withRemotePhp"] = [True, False]
params["enableWatchFs"] = [True, False]
# override withRemotePhp if specified in the suite config
if "withRemotePhp" in matrix:
params["withRemotePhp"] = matrix["withRemotePhp"]
debugParts = params["skipExceptParts"]
debugPartsEnabled = (len(debugParts) != 0)
@@ -1395,6 +1406,7 @@ def coreApiTestPipeline(ctx):
restoreBuildArtifactCache(ctx, dirs["opencloudBinArtifact"], dirs["opencloudBinPath"]) +
opencloudServer(
storage,
params["accounts_hash_difficulty"],
with_wrapper = True,
watch_fs_enabled = run_with_watch_fs_enabled,
) +
@@ -1428,7 +1440,7 @@ def coreApiTestPipeline(ctx):
def coreApiTest(part_number = 1, number_of_parts = 1, with_remote_php = False, storage = "posix"):
filter_tags = "~@skipOnOpencloud-%s-Storage" % storage
test_dir = "%s/tests/acceptance" % dirs["base"]
expected_failures_file = "%s/expected-failures-%s-storage.md" % (test_dir, storage)
expected_failures_file = "%s/expected-failures-API-on-%s-storage.md" % (test_dir, storage)
return [{
"name": "api-tests",
@@ -1541,7 +1553,7 @@ def e2eTestPipeline(ctx):
step_e2e = {
"name": "e2e-tests",
"image": OC_CI_NODEJS,
"image": OC_CI_NODEJS % DEFAULT_NODEJS_VERSION,
"environment": {
"OC_BASE_URL": OC_DOMAIN,
"HEADLESS": True,
@@ -1716,7 +1728,7 @@ def multiServiceE2ePipeline(ctx):
storage_users_services + \
[{
"name": "e2e-tests",
"image": OC_CI_NODEJS,
"image": OC_CI_NODEJS % DEFAULT_NODEJS_VERSION,
"environment": {
"OC_BASE_URL": OC_DOMAIN,
"HEADLESS": True,
@@ -2048,14 +2060,14 @@ def licenseCheck(ctx):
"steps": restoreGoBinCache() + [
{
"name": "node-check-licenses",
"image": OC_CI_NODEJS_ALPINE,
"image": OC_CI_NODEJS % DEFAULT_NODEJS_VERSION,
"commands": [
"make ci-node-check-licenses",
],
},
{
"name": "node-save-licenses",
"image": OC_CI_NODEJS_ALPINE,
"image": OC_CI_NODEJS % DEFAULT_NODEJS_VERSION,
"commands": [
"make ci-node-save-licenses",
],
@@ -2175,7 +2187,7 @@ def makeNodeGenerate(module):
return [
{
"name": "generate nodejs",
"image": OC_CI_NODEJS,
"image": OC_CI_NODEJS % DEFAULT_NODEJS_VERSION,
"environment": {
"CHROMEDRIVER_SKIP_DOWNLOAD": True, # install fails on arm and chromedriver is a test only dependency
},
@@ -2202,65 +2214,6 @@ def makeGoGenerate(module):
},
]
def genDocsPr(ctx):
return [{
"name": "gen-docs-pr",
"skip_clone": True,
"workspace": {
"base": "/woodpecker",
"path": "docs_gen_pr",
},
"steps": [
{
"name": "make-docs-pr",
"image": "quay.io/opencloudeu/golang-ci",
"pull": True,
"environment": {
"GH_TOKEN": {
"from_secret": "github_token",
},
"CI_SSH_KEY": {
"from_secret": "markdown-docs-generator-push-key",
},
"CI_SSH_KEY_DOCS": {
"from_secret": "gh-docs-push-key",
},
"GIT_SSH_COMMAND": "ssh -o StrictHostKeyChecking=no -i /root/id_rsa",
"OC_GIT_BRANCH": "${CI_COMMIT_BRANCH}",
"MY_TARGET_BRANCH": "${CI_COMMIT_BRANCH##stable-}",
},
"commands": [
'export DOC_GIT_TARGET_FOLDER="$$(if [ \"$$MY_TARGET_BRANCH\" = \"main\" ]; then echo \"tmpdocs/docs/dev/_static/env-vars/\"; else echo \"tmpdocs/versioned_docs/version-$${MY_TARGET_BRANCH}/dev/_static/env-vars/\"; fi)"',
'echo "$${CI_SSH_KEY}" > /root/id_rsa && chmod 600 /root/id_rsa',
'git config --global user.email "devops@opencloud.eu"',
'git config --global user.name "openclouders"',
"git clone git@github.com:opencloud-eu/markdown-docs-generator.git /woodpecker/docs_gen_pr",
'echo "$${CI_SSH_KEY_DOCS}" > /root/id_rsa && chmod 600 /root/id_rsa',
"make git-clone",
"make all",
"make create-docs-pullrequest",
],
},
],
"when": [
{
"event": "push",
"path": {
"include": [
"services/*/pkg/config/**/*.go",
"pkg/**/*.go",
],
},
"branch": "[main, stable-*]",
},
{
"event": "cron",
"branch": "[main]",
"cron": "nightly *",
},
],
}]
def notifyMatrix(ctx):
result = [{
"name": "chat-notifications",
@@ -2312,7 +2265,7 @@ def notifyMatrix(ctx):
return result
def opencloudServer(storage = "decomposed", depends_on = [], deploy_type = "", extra_server_environment = {}, with_wrapper = False, tika_enabled = False, watch_fs_enabled = False):
def opencloudServer(storage = "decomposed", accounts_hash_difficulty = 4, depends_on = [], deploy_type = "", extra_server_environment = {}, with_wrapper = False, tika_enabled = False, watch_fs_enabled = False):
user = "0:0"
container_name = OC_SERVER_NAME
environment = {
@@ -2408,6 +2361,13 @@ def opencloudServer(storage = "decomposed", depends_on = [], deploy_type = "", e
if watch_fs_enabled:
environment["STORAGE_USERS_POSIX_WATCH_FS"] = True
# Pass in "default" accounts_hash_difficulty to not set this environment variable.
# That will allow OpenCloud to use whatever its built-in default is.
# Otherwise pass in a value from 4 to about 11 or 12 (default 4, for making regular tests fast)
# The high values cause lots of CPU to be used when hashing passwords, and really slow down the tests.
if accounts_hash_difficulty != "default":
environment["ACCOUNTS_HASH_DIFFICULTY"] = accounts_hash_difficulty
for item in extra_server_environment:
environment[item] = extra_server_environment[item]
@@ -2904,7 +2864,7 @@ def litmus(ctx, storage):
def setupForLitmus():
return [{
"name": "setup-for-litmus",
"image": OC_CI_NODEJS,
"image": OC_UBUNTU,
"environment": {
"TEST_SERVER_URL": OC_URL,
},
@@ -2919,7 +2879,7 @@ def getWoodpeckerEnvAndCheckScript(ctx):
path_to_check_script = "%s/tests/config/woodpecker/check_web_cache.sh" % dirs["base"]
return {
"name": "get-woodpecker-env-and-check-script",
"image": OC_CI_NODEJS,
"image": OC_UBUNTU,
"commands": [
"cp %s check_web_cache.sh" % path_to_check_script,
],
@@ -2938,7 +2898,7 @@ def checkForWebCache(name):
def cloneWeb():
return {
"name": "clone-web",
"image": OC_CI_NODEJS_ALPINE,
"image": OC_CI_NODEJS % DEFAULT_NODEJS_VERSION,
"commands": [
". ./.woodpecker.env",
"if $WEB_CACHE_FOUND; then exit 0; fi",
@@ -2955,7 +2915,7 @@ def generateWebPnpmCache(ctx):
cloneWeb(),
{
"name": "install-pnpm",
"image": OC_CI_NODEJS,
"image": OC_CI_NODEJS % DEFAULT_NODEJS_VERSION,
"commands": [
". ./.woodpecker.env",
"if $WEB_CACHE_FOUND; then exit 0; fi",
@@ -2967,7 +2927,7 @@ def generateWebPnpmCache(ctx):
},
{
"name": "zip-pnpm",
"image": OC_CI_NODEJS,
"image": OC_CI_NODEJS % DEFAULT_NODEJS_VERSION,
"commands": [
". ./.woodpecker.env",
"if $WEB_CACHE_FOUND; then exit 0; fi",
@@ -3029,7 +2989,7 @@ def cacheBrowsers(ctx):
browser_cache_steps = [
{
"name": "install-browsers",
"image": OC_CI_NODEJS,
"image": OC_CI_NODEJS % DEFAULT_NODEJS_VERSION,
"environment": {
"PLAYWRIGHT_BROWSERS_PATH": ".playwright",
},
@@ -3037,7 +2997,7 @@ def cacheBrowsers(ctx):
"cd %s" % dirs["web"],
". ./.woodpecker.env",
"if $BROWSER_CACHE_FOUND; then exit 0; fi",
"pnpm exec playwright install",
"pnpm exec playwright install --with-deps",
"pnpm exec playwright install --list",
"tar -czf %s .playwright" % dirs["playwrightBrowsersArchive"],
],
@@ -3072,7 +3032,7 @@ def generateWebCache(ctx):
cloneWeb(),
{
"name": "zip-web",
"image": OC_CI_NODEJS,
"image": OC_UBUNTU,
"commands": [
". ./.woodpecker.env",
"if $WEB_CACHE_FOUND; then exit 0; fi",
@@ -3108,7 +3068,7 @@ def restoreWebCache():
],
}, {
"name": "unzip-web-cache",
"image": OC_CI_NODEJS,
"image": OC_UBUNTU,
"commands": [
"tar -xf %s -C ." % dirs["webZip"],
],
@@ -3127,7 +3087,7 @@ def restoreWebPnpmCache(extra_commands = []):
}, {
# we need to install again because the node_modules are not cached
"name": "unzip-and-install-pnpm",
"image": OC_CI_NODEJS,
"image": OC_CI_NODEJS % DEFAULT_NODEJS_VERSION,
"commands": extra_commands + [
"cd %s" % dirs["web"],
"rm -rf .pnpm-store",
@@ -3153,7 +3113,7 @@ def restoreBrowsersCache():
},
{
"name": "unzip-browsers-cache",
"image": OC_CI_NODEJS,
"image": OC_UBUNTU,
"commands": [
"tar -xf /woodpecker/src/github.com/%s/webTestRunner/playwright-browsers.tar.gz -C ." % repo_slug,
],
@@ -3171,7 +3131,7 @@ def waitForEmailService():
"name": "wait-for-email",
"image": OC_CI_WAIT_FOR,
"commands": [
"wait-for -host email -port 9000 -timeout 600",
"wait-for -it email:9000 -t 600",
],
}]
@@ -3186,7 +3146,7 @@ def waitForClamavService():
"name": "wait-for-clamav",
"image": OC_CI_WAIT_FOR,
"commands": [
"wait-for -host clamav -port 3310 -timeout 600",
"wait-for -it clamav:3310 -t 600",
],
}]
@@ -3229,7 +3189,7 @@ def waitForLdapService():
"name": "wait-for-ldap",
"image": OC_CI_WAIT_FOR,
"commands": [
"wait-for -host ldap-server -port 1636 -timeout 600",
"wait-for -it ldap-server:1636 -t 600",
],
}]
@@ -3274,7 +3234,7 @@ def wopiCollaborationService(name):
environment["COLLABORATION_APP_ADDR"] = "https://onlyoffice"
environment["COLLABORATION_APP_ICON"] = "https://onlyoffice/web-apps/apps/documenteditor/main/resources/img/favicon.ico"
elif name == "fakeoffice":
environment["COLLABORATION_SERVICE_NAME"] = "collaboration-fakeoffice"
environment["COLLABORATION_SERVICE_NAME"] = "collboration-fakeoficce"
environment["COLLABORATION_APP_NAME"] = "FakeOffice"
environment["COLLABORATION_APP_PRODUCT"] = "Microsoft"
environment["COLLABORATION_APP_ADDR"] = "http://fakeoffice:8080"
@@ -3292,7 +3252,7 @@ def tikaService():
"name": "wait-for-tika-service",
"image": OC_CI_WAIT_FOR,
"commands": [
"wait-for -host tika -port 9998 -timeout 300",
"wait-for -it tika:9998 -t 300",
],
}]
@@ -3407,18 +3367,13 @@ def k6LoadTests(ctx):
return [pipeline]
def waitForServices(name, services = []):
commands = []
for service in services:
host, port = service.split(":", 1)
commands.append(
"wait-for -host %s -port %s -timeout 300" % (host, port),
)
services = ",".join(services)
return [{
"name": "wait-for-%s" % name,
"image": OC_CI_WAIT_FOR,
"commands": commands,
"commands": [
"wait-for -it %s -t 300" % services,
],
}]
def openCloudHealthCheck(name, services = []):

4
composer.json
View File

@@ -1,8 +1,8 @@
{
"name": "opencloud-eu/opencloud",
"config": {
"config" : {
"platform": {
"php": "8.3"
"php": "8.2"
},
"vendor-dir": "./vendor-php",
"allow-plugins": {

161
devtools/deployments/multi-tenancy/.env.example
View File

@@ -1,161 +0,0 @@
## Basic Settings ##
# Define the docker compose log driver used.
# Defaults to local
LOG_DRIVER=
# If you're on an internet facing server, comment out following line.
# It skips certificate validation for various parts of OpenCloud and is
# needed when self signed certificates are used.
INSECURE=true
## Features ##
COMPOSE_FILE=docker-compose.yml:traefik.yml:keycloak.yml:ldap-server.yml
## Traefik Settings ##
# Note: Traefik is always enabled and can't be disabled.
# Serve Traefik dashboard.
# Defaults to "false".
TRAEFIK_DASHBOARD=
# Domain of Traefik, where you can find the dashboard.
# Defaults to "traefik.opencloud.test"
TRAEFIK_DOMAIN=
# Basic authentication for the traefik dashboard.
# Defaults to user "admin" and password "admin" (written as: "admin:$2y$05$KDHu3xq92SPaO3G8Ybkc7edd51pPLJcG1nWk3lmlrIdANQ/B6r5pq").
# To create user:password pair, it's possible to use this command:
# echo $(htpasswd -nB user) | sed -e s/\\$/\\$\\$/g
TRAEFIK_BASIC_AUTH_USERS=
# Email address for obtaining LetsEncrypt certificates.
# Needs only be changed if this is a public facing server.
TRAEFIK_ACME_MAIL=
# Set to the following for testing to check the certificate process:
# "https://acme-staging-v02.api.letsencrypt.org/directory"
# With staging configured, there will be an SSL error in the browser.
# When certificates are displayed and are emitted by # "Fake LE Intermediate X1",
# the process went well and the envvar can be reset to empty to get valid certificates.
TRAEFIK_ACME_CASERVER=
# Enable the Traefik ACME (Automatic Certificate Management Environment) for automatic SSL certificate management.
TRAEFIK_SERVICES_TLS_CONFIG="tls.certresolver=letsencrypt"
# Enable Traefik to use local certificates.
#TRAEFIK_SERVICES_TLS_CONFIG="tls=true"
# You also need to provide a config file in ./config/traefik/dynamic/certs.yml
# Example:
# cat ./config/traefik/dynamic/certs.yml
# tls:
# certificates:
# - certFile: /certs/opencloud.test.crt
# keyFile: /certs/opencloud.test.key
# stores:
# - default
#
# The certificates need to copied into ./certs/, the absolute path inside the container is /certs/.
# You can also use TRAEFIK_CERTS_DIR=/path/on/host to set the path to the certificates directory.
# Enable the access log for Traefik by setting the following variable to true.
TRAEFIK_ACCESS_LOG=
# Configure the log level for Traefik.
# Possible values are "TRACE", "DEBUG", "INFO", "WARN", "ERROR", "FATAL" and "PANIC". Default is "ERROR".
TRAEFIK_LOG_LEVEL=
## OpenCloud Settings ##
# The opencloud container image.
# For production releases: "opencloudeu/opencloud"
# For rolling releases: "opencloudeu/opencloud-rolling"
# Defaults to production if not set otherwise
OC_DOCKER_IMAGE=opencloudeu/opencloud-rolling
# The openCloud container version.
# Defaults to "latest" and points to the latest stable tag.
OC_DOCKER_TAG=
# Domain of openCloud, where you can find the frontend.
# Defaults to "cloud.opencloud.test"
OC_DOMAIN=
# Demo users should not be created on a production instance,
# because their passwords are public. Defaults to "false".
# If demo users is set to "true", the following user accounts are created automatically:
# alan, mary, margaret, dennis and lynn - the password is 'demo' for all.
DEMO_USERS=
# Admin Password for the OpenCloud admin user.
# NOTE: This is only needed when using the built-in LDAP server (idm).
# If you are using an external LDAP server, the admin password is managed by the LDAP server.
# NOTE: This variable needs to be set before the first start of OpenCloud. Changes to this variable after the first start will be IGNORED.
# If not set, opencloud will not work properly. The container will be restarting.
# After the first initialization, the admin password can only be changed via the OpenCloud User Settings UI or by using the OpenCloud CLI.
# Documentation: https://docs.opencloud.eu/docs/admin/resources/common-issues#-change-admin-password-set-in-env
INITIAL_ADMIN_PASSWORD=
# Define the openCloud loglevel used.
#
LOG_LEVEL=
# Define the kind of logging.
# The default log can be read by machines.
# Set this to true to make the log human readable.
# LOG_PRETTY=true
#
# Define the openCloud storage location. Set the paths for config and data to a local path.
# Ensure that the configuration and data directories are owned by the user and group with ID 1000:1000.
# This matches the default user inside the container and avoids permission issues when accessing files.
# Note that especially the data directory can grow big.
# Leaving it default stores data in docker internal volumes.
# OC_CONFIG_DIR=/your/local/opencloud/config
# OC_DATA_DIR=/your/local/opencloud/data
### Compose Configuration ###
# Path separator for supplemental compose files specified in COMPOSE_FILE.
COMPOSE_PATH_SEPARATOR=:
### Ldap Settings ###
# LDAP is always needed for OpenCloud to store user data as there is no relational database.
# The built-in LDAP server should used for testing purposes or small installations only.
# For production installations, it is recommended to use an external LDAP server.
# We are using OpenLDAP as the default LDAP server because it is proven to be stable and reliable.
# This LDAP configuration is known to work with OpenCloud and provides a blueprint for
# configuring an external LDAP server based on other products like Microsoft Active Directory or other LDAP servers.
#
# Password of LDAP bind user "cn=admin,dc=opencloud,dc=eu". Defaults to "admin"
LDAP_BIND_PASSWORD=
# The LDAP server also creates an openCloud admin user dn: uid=admin,ou=users,dc=opencloud,dc=eu
# The initial password for this user is "admin"
# NOTE: This password can only be set once, if you want to change it later, you have to use the OpenCloud User Settings UI.
# If you changed the password and lost it, you need to execute the following LDAP query to reset it:
# enter the ldap-server container with `docker compose exec ldap-server sh`
# and run the following command to change the password:
# ldappasswd -H ldap://127.0.0.1:1389 -D "cn=admin,dc=opencloud,dc=eu" -W "uid=admin,ou=users,dc=opencloud,dc=eu"
# You will be prompted for the LDAP bind password.
# The output should provide you a new password for the admin user.
### Keycloak Settings ###
# Keycloak is an open-source identity and access management solution.
# We are using Keycloak as the default identity provider on production installations.
# It can be used to federate authentication with other identity providers like
# Microsoft Entra ID, ADFS or other SAML/OIDC providers.
# The use of Keycloak as bridge between OpenCloud and other identity providers creates more control over the
# authentication process, the allowed clients and the session management.
# Keycloak also manages the Role Based Access Control (RBAC) for OpenCloud.
# Keycloak can be used in two different modes:
# 1. Autoprovisioning: New users are automatically created in openCloud when they log in for the first time.
# 2. Shared User Directory: Users are created in Keycloak and can be used in OpenCloud immediately
# because the LDAP server is connected to both Keycloak and OpenCloud.
# Only use one of the two modes at a time.
## Autoprovisioning Mode ##
# Use together with idm/external-idp.yml
# If you want to use a keycloak for local testing, you can use testing/external-keycloak.yml and testing/ldap-manager.yml
# Domain of your Identity Provider.
IDP_DOMAIN=
# IdP Issuer URL, which is used to identify the Identity Provider.
# We need the complete URL, including the protocol (http or https) and the realm.
# Example: "https://keycloak.opencloud.test/realms/openCloud"
IDP_ISSUER_URL=
# Url of the account edit page from your Identity Provider.
IDP_ACCOUNT_URL=
## Shared User Directory Mode ##
# Use together with idm/ldap-keycloak.yml and traefik/ldap-keycloak.yml
# Domain for Keycloak. Defaults to "keycloak.opencloud.test".
KEYCLOAK_DOMAIN=
# Admin user login name. Defaults to "kcadmin".
KEYCLOAK_ADMIN=
# Admin user login password. Defaults to "admin".
KEYCLOAK_ADMIN_PASSWORD=
# Keycloak Database username. Defaults to "keycloak".
KC_DB_USERNAME=
# Keycloak Database password. Defaults to "keycloak".
KC_DB_PASSWORD=

49
devtools/deployments/multi-tenancy/README.md
View File

@@ -1,49 +0,0 @@
# Development/Test Deployment for a multi-tenacy setup
The docker compose files in this directory are derived from the
opencloud-compose project and can be used to deploy a Development or Testing
environment for a multi-tenancy setup of OpenCloud. It consists of the
following services:
* `provisioning`: The OpenCloud graph service deployed in a standalone mode. It
is configured to provide the libregraph education API for managing tenants
and users. The `ldap-server`service (see below) is used to store the tenants
and users.
* `ldap-server`: An OpenLDAP server that is used by the provisioning service to
store tenants and users. Used by the OpenCloud services as the user directory
(for looking up users and searching for sharees).
* `keycloak`: The OpenID Connect Provider used for authenticating users. The
pre-loaded realm is configured to add `tenantid` claim into the identity and
access tokens. It's also currently consuming user from the `ldap-server`
(this federation will likely go away in the future and is optional for future
configurations).
* `opencloud`: The OpenCloud configured so that is hides users from different
tenants from each other.
To deploy the setup, run:
```bash
docker compose -f docker-compose.yml -f keycloak.yml -f ldap-server.yml -f traefik.yml up
```
Once deployed you can use the `initialize_users.go` to create a couple of example
tenants and some users in each tenant:
* Tenant `Famous Coders` with users `dennis` and `grace`
* Tenant `Scientists` with users `einstein` and `marie`
The passwords for the users is set to `demo` in keycloak
```
> go run initialize_users.go
Created tenant: Famous Coders with id fc58e19a-3a2a-4afc-90ec-8f94986db340
Created user: Dennis Ritchie with id ee1e14e7-b00b-4eec-8b03-a6bf0e29c77c
Created user: Grace Hopper with id a29f3afd-e4a3-4552-91e8-cc99e26bffce
Created tenant: Scientists with id 18406c53-e2d6-4e83-98b6-a55880eef195
Created user: Albert Einstein with id 12023d37-d6ce-4f19-a318-b70866f265ba
Created user: Marie Curie with id 30c3c825-c37d-4e85-8195-0142e4884872
Setting password for user: grace
Setting password for user: marie
Setting password for user: dennis
Setting password for user: einstein
```

0
devtools/deployments/multi-tenancy/certs/.gitkeep
View File

0
devtools/deployments/multi-tenancy/certs/acme.json
View File

63
devtools/deployments/multi-tenancy/config/keycloak/clients/OpenCloudAndroid.json
View File

@@ -1,63 +0,0 @@
{
"clientId": "OpenCloudAndroid",
"name": "OpenCloud Android App",
"surrogateAuthRequired": false,
"enabled": true,
"alwaysDisplayInConsole": false,
"clientAuthenticatorType": "client-secret",
"redirectUris": [
"oc://android.opencloud.eu"
],
"webOrigins": [],
"notBefore": 0,
"bearerOnly": false,
"consentRequired": false,
"standardFlowEnabled": true,
"implicitFlowEnabled": false,
"directAccessGrantsEnabled": true,
"serviceAccountsEnabled": false,
"publicClient": true,
"frontchannelLogout": false,
"protocol": "openid-connect",
"attributes": {
"saml.assertion.signature": "false",
"saml.force.post.binding": "false",
"saml.multivalued.roles": "false",
"saml.encrypt": "false",
"post.logout.redirect.uris": "oc://android.opencloud.eu",
"backchannel.logout.revoke.offline.tokens": "false",
"saml.server.signature": "false",
"saml.server.signature.keyinfo.ext": "false",
"exclude.session.state.from.auth.response": "false",
"backchannel.logout.session.required": "true",
"client_credentials.use_refresh_token": "false",
"saml_force_name_id_format": "false",
"saml.client.signature": "false",
"tls.client.certificate.bound.access.tokens": "false",
"saml.authnstatement": "false",
"display.on.consent.screen": "false",
"saml.onetimeuse.condition": "false"
},
"authenticationFlowBindingOverrides": {},
"fullScopeAllowed": true,
"nodeReRegistrationTimeout": -1,
"defaultClientScopes": [
"web-origins",
"profile",
"roles",
"groups",
"basic",
"email"
],
"optionalClientScopes": [
"address",
"phone",
"offline_access",
"microprofile-jwt"
],
"access": {
"view": true,
"configure": true,
"manage": true
}
}

64
devtools/deployments/multi-tenancy/config/keycloak/clients/OpenCloudDesktop.json
View File

@@ -1,64 +0,0 @@
{
"clientId": "OpenCloudDesktop",
"name": "OpenCloud Desktop Client",
"surrogateAuthRequired": false,
"enabled": true,
"alwaysDisplayInConsole": false,
"clientAuthenticatorType": "client-secret",
"redirectUris": [
"http://127.0.0.1",
"http://localhost"
],
"webOrigins": [],
"notBefore": 0,
"bearerOnly": false,
"consentRequired": false,
"standardFlowEnabled": true,
"implicitFlowEnabled": false,
"directAccessGrantsEnabled": true,
"serviceAccountsEnabled": false,
"publicClient": true,
"frontchannelLogout": false,
"protocol": "openid-connect",
"attributes": {
"saml.assertion.signature": "false",
"saml.force.post.binding": "false",
"saml.multivalued.roles": "false",
"saml.encrypt": "false",
"post.logout.redirect.uris": "+",
"backchannel.logout.revoke.offline.tokens": "false",
"saml.server.signature": "false",
"saml.server.signature.keyinfo.ext": "false",
"exclude.session.state.from.auth.response": "false",
"backchannel.logout.session.required": "true",
"client_credentials.use_refresh_token": "false",
"saml_force_name_id_format": "false",
"saml.client.signature": "false",
"tls.client.certificate.bound.access.tokens": "false",
"saml.authnstatement": "false",
"display.on.consent.screen": "false",
"saml.onetimeuse.condition": "false"
},
"authenticationFlowBindingOverrides": {},
"fullScopeAllowed": true,
"nodeReRegistrationTimeout": -1,
"defaultClientScopes": [
"web-origins",
"profile",
"roles",
"groups",
"basic",
"email"
],
"optionalClientScopes": [
"address",
"phone",
"offline_access",
"microprofile-jwt"
],
"access": {
"view": true,
"configure": true,
"manage": true
}
}

63
devtools/deployments/multi-tenancy/config/keycloak/clients/OpenCloudIOS.json
View File

@@ -1,63 +0,0 @@
{
"clientId": "OpenCloudIOS",
"name": "OpenCloud iOS App",
"surrogateAuthRequired": false,
"enabled": true,
"alwaysDisplayInConsole": false,
"clientAuthenticatorType": "client-secret",
"redirectUris": [
"oc://ios.opencloud.eu"
],
"webOrigins": [],
"notBefore": 0,
"bearerOnly": false,
"consentRequired": false,
"standardFlowEnabled": true,
"implicitFlowEnabled": false,
"directAccessGrantsEnabled": true,
"serviceAccountsEnabled": false,
"publicClient": true,
"frontchannelLogout": false,
"protocol": "openid-connect",
"attributes": {
"saml.assertion.signature": "false",
"saml.force.post.binding": "false",
"saml.multivalued.roles": "false",
"saml.encrypt": "false",
"post.logout.redirect.uris": "oc://ios.opencloud.eu",
"backchannel.logout.revoke.offline.tokens": "false",
"saml.server.signature": "false",
"saml.server.signature.keyinfo.ext": "false",
"exclude.session.state.from.auth.response": "false",
"backchannel.logout.session.required": "true",
"client_credentials.use_refresh_token": "false",
"saml_force_name_id_format": "false",
"saml.client.signature": "false",
"tls.client.certificate.bound.access.tokens": "false",
"saml.authnstatement": "false",
"display.on.consent.screen": "false",
"saml.onetimeuse.condition": "false"
},
"authenticationFlowBindingOverrides": {},
"fullScopeAllowed": true,
"nodeReRegistrationTimeout": -1,
"defaultClientScopes": [
"web-origins",
"profile",
"roles",
"groups",
"basic",
"email"
],
"optionalClientScopes": [
"address",
"phone",
"offline_access",
"microprofile-jwt"
],
"access": {
"view": true,
"configure": true,
"manage": true
}
}

66
devtools/deployments/multi-tenancy/config/keycloak/clients/cyberduck.json
View File

@@ -1,66 +0,0 @@
{
"clientId": "Cyberduck",
"name": "Cyberduck",
"description": "File transfer utility client",
"surrogateAuthRequired": false,
"enabled": true,
"alwaysDisplayInConsole": false,
"clientAuthenticatorType": "client-secret",
"redirectUris": [
"x-cyberduck-action:oauth",
"x-mountainduck-action:oauth"
],
"webOrigins": [],
"notBefore": 0,
"bearerOnly": false,
"consentRequired": false,
"standardFlowEnabled": true,
"implicitFlowEnabled": false,
"directAccessGrantsEnabled": true,
"serviceAccountsEnabled": false,
"publicClient": true,
"frontchannelLogout": false,
"protocol": "openid-connect",
"attributes": {
"saml.assertion.signature": "false",
"saml.force.post.binding": "false",
"saml.multivalued.roles": "false",
"saml.encrypt": "false",
"oauth2.device.authorization.grant.enabled": "false",
"backchannel.logout.revoke.offline.tokens": "false",
"saml.server.signature": "false",
"saml.server.signature.keyinfo.ext": "false",
"exclude.session.state.from.auth.response": "false",
"oidc.ciba.grant.enabled": "false",
"backchannel.logout.session.required": "true",
"client_credentials.use_refresh_token": "false",
"saml_force_name_id_format": "false",
"saml.client.signature": "false",
"tls.client.certificate.bound.access.tokens": "false",
"saml.authnstatement": "false",
"display.on.consent.screen": "false",
"saml.onetimeuse.condition": "false"
},
"authenticationFlowBindingOverrides": {},
"fullScopeAllowed": true,
"nodeReRegistrationTimeout": -1,
"defaultClientScopes": [
"web-origins",
"profile",
"roles",
"groups",
"basic",
"email"
],
"optionalClientScopes": [
"address",
"phone",
"offline_access",
"microprofile-jwt"
],
"access": {
"view": true,
"configure": true,
"manage": true
}
}

74
devtools/deployments/multi-tenancy/config/keycloak/clients/web.json
View File

@@ -1,74 +0,0 @@
{
"clientId": "web",
"name": "OpenCloud Web App",
"description": "",
"rootUrl": "{{OC_URL}}",
"adminUrl": "{{OC_URL}}",
"baseUrl": "",
"surrogateAuthRequired": false,
"enabled": true,
"alwaysDisplayInConsole": false,
"clientAuthenticatorType": "client-secret",
"redirectUris": [
"{{OC_URL}}/",
"{{OC_URL}}/oidc-callback.html",
"{{OC_URL}}/oidc-silent-redirect.html"
],
"webOrigins": [
"{{OC_URL}}"
],
"notBefore": 0,
"bearerOnly": false,
"consentRequired": false,
"standardFlowEnabled": true,
"implicitFlowEnabled": false,
"directAccessGrantsEnabled": true,
"serviceAccountsEnabled": false,
"publicClient": true,
"frontchannelLogout": false,
"protocol": "openid-connect",
"attributes": {
"saml.assertion.signature": "false",
"saml.force.post.binding": "false",
"saml.multivalued.roles": "false",
"saml.encrypt": "false",
"post.logout.redirect.uris": "+",
"oauth2.device.authorization.grant.enabled": "false",
"backchannel.logout.revoke.offline.tokens": "false",
"saml.server.signature": "false",
"saml.server.signature.keyinfo.ext": "false",
"exclude.session.state.from.auth.response": "false",
"oidc.ciba.grant.enabled": "false",
"backchannel.logout.url": "{{OC_URL}}/backchannel_logout",
"backchannel.logout.session.required": "true",
"client_credentials.use_refresh_token": "false",
"saml_force_name_id_format": "false",
"saml.client.signature": "false",
"tls.client.certificate.bound.access.tokens": "false",
"saml.authnstatement": "false",
"display.on.consent.screen": "false",
"saml.onetimeuse.condition": "false"
},
"authenticationFlowBindingOverrides": {},
"fullScopeAllowed": true,
"nodeReRegistrationTimeout": -1,
"defaultClientScopes": [
"web-origins",
"profile",
"roles",
"groups",
"basic",
"email"
],
"optionalClientScopes": [
"address",
"phone",
"offline_access",
"microprofile-jwt"
],
"access": {
"view": true,
"configure": true,
"manage": true
}
}

8
devtools/deployments/multi-tenancy/config/keycloak/docker-entrypoint-override.sh
View File

@@ -1,8 +0,0 @@
#!/bin/bash
printenv
# replace openCloud domain and LDAP password in keycloak realm import
mkdir /opt/keycloak/data/import
sed -e "s/cloud.opencloud.test/${OC_DOMAIN}/g" -e "s/ldap-admin-password/${LDAP_ADMIN_PASSWORD:-admin}/g" /opt/keycloak/data/import-dist/openCloud-realm.json > /opt/keycloak/data/import/openCloud-realm.json
# run original docker-entrypoint
/opt/keycloak/bin/kc.sh "$@"

2419
devtools/deployments/multi-tenancy/config/keycloak/openCloud-realm.dist.json
View File

File diff suppressed because it is too large Load Diff

38
devtools/deployments/multi-tenancy/config/keycloak/themes/opencloud/login/resources/css/theme.css
View File

@@ -1,38 +0,0 @@
:root {
--pf-global--primary-color--100: #e2baff;
--pf-global--primary-color--200: #e2baff;
--pf-global--primary-color--dark-100: #e2baff;
--pf-global--Color--light-100: #20434f;
}
@font-face {
font-family: OpenCloud;
src: url('../fonts/OpenCloud500-Regular.woff2') format('woff2');
font-weight: normal;
font-style: normal;
}
@font-face {
font-family: OpenCloud;
src: url('../fonts/OpenCloud750-Bold.woff2') format('woff2');
font-weight: bold;
font-style: normal;
}
body {
font-family: "OpenCloud", "Open Sans", Helvetica, Arial, sans-serif;
background: url(../img/background.png) no-repeat center !important;
background-size: cover !important;
}
.kc-logo-text {
background-image: url(../img/logo.svg) !important;
background-size: contain;
width: 400px;
margin: 0 !important;
}
#kc-header-wrapper{
display: flex;
justify-content: center;
}

BIN
devtools/deployments/multi-tenancy/config/keycloak/themes/opencloud/login/resources/fonts/OpenCloud500-Regular.woff2
View File

Binary file not shown.

BIN
devtools/deployments/multi-tenancy/config/keycloak/themes/opencloud/login/resources/fonts/OpenCloud750-Bold.woff2
View File

Binary file not shown.

BIN
devtools/deployments/multi-tenancy/config/keycloak/themes/opencloud/login/resources/img/background.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 30 KiB

14
devtools/deployments/multi-tenancy/config/keycloak/themes/opencloud/login/resources/img/logo.svg
View File

@@ -1,14 +0,0 @@
<svg width="170" height="35" viewBox="0 0 170 35" fill="none" xmlns="http://www.w3.org/2000/svg">
<path d="M45.1928 23.7428C42.5766 22.2684 41.0547 19.5569 41.0547 16.1555C41.0547 14.4433 41.4115 12.921 42.1485 11.589C43.5753 8.92532 46.2869 7.35547 49.6879 7.35547C51.377 7.35547 52.8514 7.73604 54.1593 8.47339C56.7523 9.97188 58.2508 12.7307 58.2508 16.1555C58.2508 17.8443 57.894 19.3663 57.1801 20.6748C55.753 23.315 53.042 24.8605 49.6879 24.8605C47.9992 24.8605 46.501 24.504 45.1928 23.7428ZM49.6641 22.1254C52.9942 22.1254 55.1824 19.7947 55.1824 16.1555C55.1824 12.4215 52.8755 10.0667 49.6641 10.0667C46.4534 10.0667 44.1224 12.4215 44.1224 16.1555C44.1224 19.771 46.3345 22.1254 49.6641 22.1254Z" fill="#E2BAFF"/>
<path d="M62.0912 11.9934L63.6608 14.7522C65.0879 12.4929 66.967 11.9934 68.4176 11.9934C69.5828 11.9934 70.5821 12.255 71.4618 12.8259C72.3657 13.4202 73.0558 14.1814 73.5077 15.1328C74.0069 16.1318 74.2448 17.2259 74.2448 18.4387C74.2448 19.6518 74.0069 20.7697 73.5077 21.7687C73.0558 22.7201 72.3419 23.4813 71.4381 24.0283C70.5821 24.5989 69.5828 24.8605 68.4176 24.8605C67.6327 24.8605 66.8477 24.6943 66.0869 24.3613C65.3971 24.0283 64.7787 23.5526 64.2792 22.958V28.9992H61.3774V16.5599L59.5938 13.4443L62.0912 11.9934ZM64.2792 18.4387C64.2792 19.1764 64.4219 19.8658 64.7073 20.4605C65.0641 21.1027 65.4685 21.5546 65.9442 21.84C66.4913 22.1493 67.0856 22.292 67.7754 22.292C68.489 22.292 69.0836 22.1493 69.6069 21.84C70.1302 21.5308 70.5583 21.0789 70.8196 20.4605C71.1289 19.8658 71.2478 19.1764 71.2478 18.4387C71.2478 17.2497 70.9386 16.2983 70.3204 15.6323C69.6782 14.9187 68.8457 14.562 67.7516 14.562C66.7291 14.562 65.8728 14.9187 65.2306 15.6323C64.6122 16.2983 64.2792 17.2497 64.2792 18.4387Z" fill="#E2BAFF"/>
<path d="M76.5405 15.133C77.0162 14.1812 77.7297 13.3966 78.7049 12.7782C79.7039 12.2311 80.7981 11.9695 82.0587 11.9695C83.319 11.9695 84.3656 12.2311 85.1981 12.7306C86.1017 13.3015 86.768 14.0626 87.2437 15.0137C87.6715 15.9892 87.9094 17.1544 87.9094 18.4386L87.8621 19.1286H78.6098C78.7049 20.1987 79.0855 21.0077 79.7515 21.6261C80.4175 22.1491 81.2976 22.387 82.3438 22.387C83.1528 22.387 83.8661 22.2446 84.5318 21.9826C85.1981 21.721 85.7925 21.388 86.2685 20.9836C86.3398 21.0553 87.505 23.1005 87.505 23.1005C86.768 23.6476 85.9352 24.0758 85.0316 24.4084C84.1991 24.7177 83.2239 24.8604 82.1535 24.8604C80.8694 24.8604 79.7277 24.599 78.8001 24.052C77.8962 23.5287 77.1589 22.7675 76.5642 21.7689C76.0409 20.7696 75.7793 19.6516 75.7793 18.4386C75.7793 17.2496 76.0172 16.1317 76.5405 15.133ZM78.6811 17.1544H85.0316C84.9365 16.203 84.6273 15.5373 84.104 15.1089C83.5331 14.6097 82.8671 14.348 82.0587 14.348C81.2259 14.348 80.5126 14.6097 79.8704 15.0616C79.2996 15.5135 78.919 16.203 78.6811 17.1544Z" fill="#E2BAFF"/>
<path d="M102.054 17.0594V24.4799H99.1283V17.3211C99.1283 16.3459 98.9142 15.6561 98.4623 15.2042C98.0342 14.6809 97.3919 14.443 96.5121 14.443C95.9411 14.443 95.4656 14.5857 94.9899 14.895C94.538 15.1328 94.1812 15.5372 93.9433 16.0367C93.7293 16.5124 93.5866 17.0832 93.5866 17.773V24.4799H90.6371V16.5599L88.8535 13.4202L91.3745 11.9934L92.8492 14.5144C94.3477 12.2785 95.9648 11.9934 97.059 11.9934C98.2958 11.9934 99.0569 12.2072 99.5564 12.445C100.056 12.6832 100.508 12.9921 100.841 13.3727C101.649 14.2527 102.054 15.4896 102.054 17.0594Z" fill="#E2BAFF"/>
<path d="M117.538 23.838C117.015 24.0999 116.325 24.3613 115.469 24.5991C114.684 24.7656 113.851 24.8608 112.971 24.8608C111.259 24.8608 109.737 24.4802 108.429 23.7669C107.144 23.0531 106.145 22.0303 105.408 20.6748C104.694 19.3663 104.338 17.8443 104.338 16.1083C104.338 14.4195 104.694 12.8972 105.384 11.5414C106.074 10.2097 107.144 9.16318 108.405 8.47339C109.713 7.71225 111.283 7.35547 113.138 7.35547C114.066 7.35547 114.874 7.42683 115.564 7.61711C116.373 7.80739 117.038 8.04525 117.514 8.33068C118.014 8.56854 118.608 8.90153 119.298 9.35346L117.8 11.8982C117.062 11.3987 116.349 11.0185 115.659 10.733C114.85 10.4238 113.994 10.2573 113.066 10.2573C111.83 10.2573 110.807 10.4952 109.999 10.9944C109.118 11.5414 108.476 12.2312 108.048 13.0875C107.62 14.0151 107.382 15.0379 107.382 16.1555C107.382 17.2738 107.62 18.2725 108.048 19.1525C108.476 20.0088 109.118 20.6986 109.999 21.1981C110.831 21.6735 111.854 21.9117 113.043 21.9117C113.733 21.9117 114.351 21.84 114.922 21.6973C115.54 21.5308 116.064 21.3408 116.491 21.103C117.086 20.7937 117.538 20.5083 117.871 20.2467L119.346 22.8152C118.632 23.2434 118.037 23.6001 117.538 23.838Z" fill="#E2BAFF"/>
<rect x="121.127" y="7.23633" width="2.90154" height="17.2437" fill="#E2BAFF"/>
<path d="M126.195 18.4387C126.195 14.6809 128.859 11.9934 132.688 11.9934C136.494 11.9934 139.134 14.6571 139.134 18.4152C139.134 22.2206 136.494 24.8605 132.664 24.8605C129.002 24.8605 126.195 22.3633 126.195 18.4387ZM132.664 22.3633C134.71 22.3633 136.113 20.9124 136.113 18.4152C136.113 15.9891 134.71 14.4671 132.664 14.4671C130.548 14.4671 129.192 16.0604 129.192 18.4152C129.192 20.8411 130.572 22.3633 132.664 22.3633Z" fill="#E2BAFF"/>
<path d="M145.86 24.8606C144.456 24.8606 143.339 24.4324 142.482 23.5048C141.674 22.5774 141.27 21.3168 141.27 19.747V12.374H144.171V19.5329C144.171 20.4605 144.385 21.1741 144.837 21.6736C145.265 22.1493 145.931 22.3634 146.811 22.3634C147.382 22.3634 147.881 22.2444 148.334 21.9828C148.785 21.7212 149.118 21.3168 149.356 20.8173C149.618 20.294 149.737 19.6994 149.737 19.081V12.374H152.662V20.3654L154.422 23.4337L151.925 24.8606L150.522 22.4585C150.522 22.4585 149.974 23.1721 149.237 23.7905C148.334 24.5517 147.382 24.8606 145.86 24.8606Z" fill="#E2BAFF"/>
<path d="M156.104 15.1328C156.651 14.0624 157.293 13.2775 158.173 12.8259C159.053 12.2788 160.076 11.9696 161.17 11.9696C162.098 11.9696 162.859 12.1599 163.525 12.4929C164.191 12.8259 164.809 13.254 165.309 13.8959V7.23657H168.21V20.3415L169.947 23.4099L167.449 24.837L165.927 22.1968C165.927 22.1968 164.88 23.6712 163.525 24.3375C162.954 24.623 162.05 24.837 161.194 24.837C160.076 24.837 159.053 24.5751 158.173 24.0045C157.317 23.5526 156.651 22.7677 156.104 21.7687C155.604 20.7697 155.391 19.6993 155.391 18.4387C155.391 17.1546 155.604 16.0604 156.104 15.1328ZM158.363 18.4387C158.363 19.2474 158.506 19.8896 158.792 20.437C159.125 21.1027 159.553 21.5073 160.004 21.7925C160.528 22.1017 161.098 22.2682 161.812 22.2682C162.526 22.2682 163.144 22.1017 163.644 21.7925C164.143 21.5073 164.571 21.0789 164.88 20.437C165.166 19.8896 165.309 19.2474 165.309 18.4387C165.309 17.2497 164.999 16.2507 164.333 15.6323C163.763 14.9187 162.883 14.5385 161.836 14.5385C160.766 14.5385 159.933 14.9187 159.339 15.6323C158.673 16.2507 158.363 17.2497 158.363 18.4387Z" fill="#E2BAFF"/>
<path d="M13.4814 25.5141L14.9505 24.6659V18.5276L20.234 15.4772V13.785L18.7649 12.9368L13.4462 16.0076L8.20127 12.9794L6.73242 13.8273V15.5198L12.0159 18.5703V24.668L13.4814 25.5141Z" fill="#E2BAFF"/>
<path d="M26.9649 7.78377L13.4828 0L0 7.78408V11.1725L13.4824 3.38806L26.9649 11.1721V7.78377Z" fill="#E2BAFF"/>
<path d="M26.9646 23.8279L13.4821 31.612L0 23.8279V27.2163L13.4821 35L26.9646 27.2163V23.8279Z" fill="#E2BAFF"/>
</svg>
Side by Side

Before

Width:  |  Height:  |  Size: 7.0 KiB

19
devtools/deployments/multi-tenancy/config/keycloak/themes/opencloud/login/resources/js/script.js
View File

@@ -1,19 +0,0 @@
document.addEventListener("DOMContentLoaded", function () {
const setLogoUrl = (url) => {
const logoTextSelector = document.querySelector(".kc-logo-text");
if (!logoTextSelector) {
return
}
const link = document.createElement("a");
link.href = url;
link.target = "_blank";
const parent = logoTextSelector.parentNode;
parent.insertBefore(link, logoTextSelector);
link.appendChild(logoTextSelector);
}
setLogoUrl('https://opencloud.eu')
});

5
devtools/deployments/multi-tenancy/config/keycloak/themes/opencloud/login/theme.properties
View File

@@ -1,5 +0,0 @@
parent=keycloak
import=common/keycloak
styles=css/login.css css/theme.css
scripts=js/script.js

9
devtools/deployments/multi-tenancy/config/ldap/docker-entrypoint-override.sh
View File

@@ -1,9 +0,0 @@
#!/bin/bash
echo "Running custom LDAP entrypoint script..."
if [ ! -f /opt/bitnami/openldap/share/openldap.key ]
then
openssl req -x509 -newkey rsa:4096 -keyout /opt/bitnami/openldap/share/openldap.key -out /opt/bitnami/openldap/share/openldap.crt -sha256 -days 365 -batch -nodes
fi
# run original docker-entrypoint
/opt/bitnami/scripts/openldap/entrypoint.sh "$@"

20
devtools/deployments/multi-tenancy/config/ldap/ldif/10_base.ldif
View File

@@ -1,20 +0,0 @@
dn: dc=opencloud,dc=eu
objectClass: organization
objectClass: dcObject
dc: opencloud
o: openCloud
dn: ou=users,dc=opencloud,dc=eu
objectClass: organizationalUnit
ou: users
dn: cn=admin,dc=opencloud,dc=eu
objectClass: inetOrgPerson
objectClass: person
cn: admin
sn: admin
uid: ldapadmin
dn: ou=tenants,dc=opencloud,dc=eu
objectClass: organizationalUnit
ou: tenants

20
devtools/deployments/multi-tenancy/config/ldap/ldif/20_admin.ldif
View File

@@ -1,20 +0,0 @@
dn: uid=admin,ou=users,dc=opencloud,dc=eu
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: person
objectClass: top
uid: admin
givenName: Admin
sn: Admin
cn: admin
displayName: Admin
description: An admin for this OpenCloud instance.
mail: admin@example.org
userPassword:: e1NTSEF9UWhmaFB3dERydTUydURoWFFObDRMbzVIckI3TkI5Nmo==
dn: cn=administrators,ou=groups,dc=opencloud,dc=eu
objectClass: groupOfNames
objectClass: top
cn: administrators
description: OpenCloud Administrators
member: uid=admin,ou=users,dc=opencloud,dc=eu

0
devtools/deployments/multi-tenancy/config/opencloud/apps/.gitkeep
View File

44
devtools/deployments/multi-tenancy/config/opencloud/csp.yaml
View File

@@ -1,44 +0,0 @@
directives:
child-src:
- '''self'''
connect-src:
- '''self'''
- 'blob:'
- 'https://${COMPANION_DOMAIN|companion.opencloud.test}/'
- 'wss://${COMPANION_DOMAIN|companion.opencloud.test}/'
- 'https://raw.githubusercontent.com/opencloud-eu/awesome-apps/'
- 'https://${IDP_DOMAIN|keycloak.opencloud.test}/'
default-src:
- '''none'''
font-src:
- '''self'''
frame-ancestors:
- '''self'''
frame-src:
- '''self'''
- 'blob:'
- 'https://embed.diagrams.net/'
# In contrary to bash and docker the default is given after the | character
- 'https://${COLLABORA_DOMAIN|collabora.opencloud.test}/'
# This is needed for the external-sites web extension when embedding sites
- 'https://docs.opencloud.eu'
img-src:
- '''self'''
- 'data:'
- 'blob:'
- 'https://raw.githubusercontent.com/opencloud-eu/awesome-apps/'
# In contrary to bash and docker the default is given after the | character
- 'https://${COLLABORA_DOMAIN|collabora.opencloud.test}/'
manifest-src:
- '''self'''
media-src:
- '''self'''
object-src:
- '''self'''
- 'blob:'
script-src:
- '''self'''
- '''unsafe-inline'''
style-src:
- '''self'''
- '''unsafe-inline'''

40
devtools/deployments/multi-tenancy/config/opencloud/proxy.yaml
View File

@@ -1,40 +0,0 @@
# This adds four additional routes to the proxy. Forwarding
# request on '/carddav/', '/caldav/' and the respective '/.well-knwown'
# endpoints to the radicale container and setting the required headers.
additional_policies:
- name: default
routes:
- endpoint: /caldav/
backend: http://radicale:5232
remote_user_header: X-Remote-User
skip_x_access_token: true
additional_headers:
- X-Script-Name: /caldav
- endpoint: /.well-known/caldav
backend: http://radicale:5232
remote_user_header: X-Remote-User
skip_x_access_token: true
additional_headers:
- X-Script-Name: /caldav
- endpoint: /carddav/
backend: http://radicale:5232
remote_user_header: X-Remote-User
skip_x_access_token: true
additional_headers:
- X-Script-Name: /carddav
- endpoint: /.well-known/carddav
backend: http://radicale:5232
remote_user_header: X-Remote-User
skip_x_access_token: true
additional_headers:
- X-Script-Name: /carddav
# To enable the radicale web UI add this rule.
# "unprotected" is True because the Web UI itself ask for
# the password.
# Also set "type" to "internal" in the config/radicale/config
# - endpoint: /caldav/.web/
# backend: http://radicale:5232/
# unprotected: true
# skip_x_access_token: true
# additional_headers:
# - X-Script-Name: /caldav

72
devtools/deployments/multi-tenancy/config/traefik/docker-entrypoint-override.sh
View File

@@ -1,72 +0,0 @@
set -e
printenv
# Function to add arguments to the command
add_arg() {
TRAEFIK_CMD="$TRAEFIK_CMD $1"
}
# Initialize the base command
TRAEFIK_CMD="traefik"
# Base Traefik arguments (from your existing configuration)
add_arg "--log.level=${TRAEFIK_LOG_LEVEL:-ERROR}"
# enable dashboard
add_arg "--api.dashboard=true"
# define entrypoints
add_arg "--entryPoints.http.address=:80"
add_arg "--entryPoints.http.http.redirections.entryPoint.to=https"
add_arg "--entryPoints.http.http.redirections.entryPoint.scheme=https"
add_arg "--entryPoints.https.address=:443"
# change default timeouts for long-running requests
# this is needed for webdav clients that do not support the TUS protocol
add_arg "--entryPoints.https.transport.respondingTimeouts.readTimeout=12h"
add_arg "--entryPoints.https.transport.respondingTimeouts.writeTimeout=12h"
add_arg "--entryPoints.https.transport.respondingTimeouts.idleTimeout=3m"
# docker provider (get configuration from container labels)
add_arg "--providers.docker.endpoint=unix:///var/run/docker.sock"
add_arg "--providers.docker.exposedByDefault=false"
# access log
add_arg "--accessLog=${TRAEFIK_ACCESS_LOG:-false}"
add_arg "--accessLog.format=json"
add_arg "--accessLog.fields.headers.names.X-Request-Id=keep"
# Add Let's Encrypt configuration if enabled
if [ "${TRAEFIK_SERVICES_TLS_CONFIG}" = "tls.certresolver=letsencrypt" ]; then
echo "Configuring Traefik with Let's Encrypt..."
add_arg "--certificatesResolvers.letsencrypt.acme.email=${TRAEFIK_ACME_MAIL:-example@example.org}"
add_arg "--certificatesResolvers.letsencrypt.acme.storage=/certs/acme.json"
add_arg "--certificatesResolvers.letsencrypt.acme.httpChallenge.entryPoint=http"
add_arg "--certificatesResolvers.letsencrypt.acme.caserver=${TRAEFIK_ACME_CASERVER:-https://acme-v02.api.letsencrypt.org/directory}"
fi
# Add local certificate configuration if enabled
if [ "${TRAEFIK_SERVICES_TLS_CONFIG}" = "tls=true" ]; then
echo "Configuring Traefik with local certificates..."
add_arg "--providers.file.directory=/etc/traefik/dynamic"
add_arg "--providers.file.watch=true"
fi
# Warning if neither certificate method is enabled
if [ "${TRAEFIK_SERVICES_TLS_CONFIG}" != "tls=true" ] && [ "${TRAEFIK_SERVICES_TLS_CONFIG}" != "tls.certresolver=letsencrypt" ]; then
echo "WARNING: Neither Let's Encrypt nor local certificates are enabled."
echo "HTTPS will not work properly without certificate configuration."
fi
# Add any custom arguments from environment variable
if [ -n "${TRAEFIK_CUSTOM_ARGS}" ]; then
echo "Adding custom Traefik arguments: ${TRAEFIK_CUSTOM_ARGS}"
TRAEFIK_CMD="$TRAEFIK_CMD $TRAEFIK_CUSTOM_ARGS"
fi
# Add any additional arguments passed to the script
for arg in "$@"; do
add_arg "$arg"
done
# Print the final command for debugging
echo "Starting Traefik with command:"
echo "$TRAEFIK_CMD"
# Execute Traefik
exec $TRAEFIK_CMD

0
devtools/deployments/multi-tenancy/config/traefik/dynamic/.gitkeep
View File

119
devtools/deployments/multi-tenancy/docker-compose.yml
View File

@@ -1,119 +0,0 @@
---
services:
# OpenCloud instance configured for multi-tenancy using keycloak as identity provider
# The graph service is setup to consume users via the CS3 API.
opencloud:
image: ${OC_DOCKER_IMAGE:-opencloudeu/opencloud-rolling}:${OC_DOCKER_TAG:-latest}
# changelog: https://github.com/opencloud-eu/opencloud/tree/main/changelog
# release notes: https://docs.opencloud.eu/opencloud_release_notes.html
networks:
opencloud-net:
entrypoint:
- /bin/sh
# run opencloud init to initialize a configuration file with random secrets
# it will fail on subsequent runs, because the config file already exists
# therefore we ignore the error and then start the opencloud server
command: ["-c", "opencloud init || true; opencloud server"]
environment:
OC_MULTI_TENANT_ENABLED: "true"
# enable services that are not started automatically
OC_URL: https://${OC_DOMAIN:-cloud.opencloud.test}
OC_LOG_LEVEL: ${LOG_LEVEL:-info}
OC_LOG_COLOR: "${LOG_PRETTY:-false}"
OC_LOG_PRETTY: "${LOG_PRETTY:-false}"
OC_EXCLUDE_RUN_SERVICES: idm,idp
PROXY_ROLE_ASSIGNMENT_DRIVER: "oidc"
OC_OIDC_ISSUER: https://${KEYCLOAK_DOMAIN:-keycloak.opencloud.test}/realms/openCloud
PROXY_OIDC_REWRITE_WELLKNOWN: "true"
WEB_OIDC_CLIENT_ID: ${OC_OIDC_CLIENT_ID:-web}
PROXY_USER_OIDC_CLAIM: "uuid"
PROXY_USER_CS3_CLAIM: "userid"
WEB_OPTION_ACCOUNT_EDIT_LINK_HREF: "https://${KEYCLOAK_DOMAIN:-keycloak.opencloud.test}/realms/openCloud/account"
# admin and demo accounts must be created in Keycloak
OC_ADMIN_USER_ID: ""
SETTINGS_SETUP_DEFAULT_ASSIGNMENTS: "false"
GRAPH_ASSIGN_DEFAULT_USER_ROLE: "false"
GRAPH_USERNAME_MATCH: "none"
GROUPS_DRIVER: "null"
# This is needed to set the correct CSP rules for OpenCloud
IDP_DOMAIN: ${KEYCLOAK_DOMAIN:-keycloak.opencloud.test}
# do not use SSL between the reverse proxy and OpenCloud
PROXY_TLS: "false"
# INSECURE: needed if OpenCloud / reverse proxy is using self generated certificates
OC_INSECURE: "${INSECURE:-false}"
# basic auth (not recommended, but needed for eg. WebDav clients that do not support OpenID Connect)
PROXY_ENABLE_BASIC_AUTH: "false"
GRAPH_IDENTITY_BACKEND: "cs3"
PROXY_CSP_CONFIG_FILE_LOCATION: /etc/opencloud/csp.yaml
OC_LDAP_URI: ldaps://ldap-server:1636
OC_LDAP_INSECURE: "true"
OC_LDAP_BIND_DN: "cn=admin,dc=opencloud,dc=eu"
OC_LDAP_BIND_PASSWORD: ${LDAP_BIND_PASSWORD:-admin}
OC_LDAP_USER_BASE_DN: "ou=users,dc=opencloud,dc=eu"
OC_LDAP_USER_SCHEMA_TENANT_ID: "openCloudMemberOfSchool"
PROXY_LOG_LEVEL: "debug"
volumes:
- ./config/opencloud/csp.yaml:/etc/opencloud/csp.yaml
# configure the .env file to use own paths instead of docker internal volumes
- ${OC_CONFIG_DIR:-opencloud-config}:/etc/opencloud
- ${OC_DATA_DIR:-opencloud-data}:/var/lib/opencloud
logging:
driver: ${LOG_DRIVER:-local}
restart: always
labels:
- "traefik.enable=true"
- "traefik.http.routers.opencloud.entrypoints=https"
- "traefik.http.routers.opencloud.rule=Host(`${OC_DOMAIN:-cloud.opencloud.test}`)"
- "traefik.http.routers.opencloud.service=opencloud"
- "traefik.http.services.opencloud.loadbalancer.server.port=9200"
- "traefik.http.routers.opencloud.${TRAEFIK_SERVICES_TLS_CONFIG}"
# Stand-alone instance of the 'graph' service to serve the provisioning API
provsioning:
image: ${OC_DOCKER_IMAGE:-opencloudeu/opencloud-rolling}:${OC_DOCKER_TAG:-latest}
networks:
opencloud-net:
entrypoint:
- /bin/sh
# run opencloud init to initialize a configuration file with random secrets
# it will fail on subsequent runs, because the config file already exists
# therefore we ignore the error and then start the opencloud server
command: ["-c", "opencloud init || true; opencloud graph server"]
environment:
OC_LOG_LEVEL: "debug"
OC_LOG_COLOR: "${LOG_PRETTY:-false}"
OC_LOG_PRETTY: "${LOG_PRETTY:-false}"
# This just runs the standalone graph service we don't need access to the registry
MICRO_REGISTRY: "memory"
# INSECURE: needed if OpenCloud / reverse proxy is using self generated certificates
OC_INSECURE: "${INSECURE:-false}"
GRAPH_HTTP_ADDR: "0.0.0.0:9120"
GRAPH_HTTP_API_TOKEN: "${PROVISIONING_API_TOKEN:-changeme}"
# disable listening for events
GRAPH_EVENTS_ENDPOINT: ""
GRAPH_STORE_NODES: ""
GRAPH_ASSIGN_DEFAULT_USER_ROLE: "false"
GRAPH_USERNAME_MATCH: "none"
GRAPH_LDAP_EDUCATION_RESOURCES_ENABLED: "true"
GRAPH_LDAP_SCHOOL_BASE_DN: "ou=tenants,dc=opencloud,dc=eu"
OC_LDAP_URI: ldaps://ldap-server:1636
OC_LDAP_INSECURE: "true"
OC_LDAP_BIND_DN: "cn=admin,dc=opencloud,dc=eu"
OC_LDAP_BIND_PASSWORD: ${LDAP_BIND_PASSWORD:-admin}
OC_LDAP_USER_BASE_DN: "ou=users,dc=opencloud,dc=eu"
OC_LDAP_USER_FILTER: "(objectclass=inetOrgPerson)"
volumes:
# configure the .env file to use own paths instead of docker internal volumes
- ${PROVISIONING_CONFIG_DIR:-provisioning-config}:/etc/opencloud
logging:
driver: ${LOG_DRIVER:-local}
restart: always
ports:
- "9120:9120"
volumes:
opencloud-config:
opencloud-data:
provisioning-config:
networks:
opencloud-net:

169
devtools/deployments/multi-tenancy/initialize_users.go
View File

@@ -1,169 +0,0 @@
package main
import (
"context"
"crypto/tls"
"fmt"
"github.com/Nerzal/gocloak/v13"
"github.com/go-resty/resty/v2"
libregraph "github.com/opencloud-eu/libre-graph-api-go"
)
const (
provisioningAPIURL = "http://localhost:9120/graph"
provisioningAuthToken = "changeme"
)
type tenantWithUsers struct {
tenant libregraph.EducationSchool
users []libregraph.EducationUser
}
var demoTenants = []tenantWithUsers{
{
tenant: libregraph.EducationSchool{
DisplayName: libregraph.PtrString("Famous Coders"),
},
users: []libregraph.EducationUser{
{
DisplayName: libregraph.PtrString("Dennis Ritchie"),
OnPremisesSamAccountName: libregraph.PtrString("dennis"),
Mail: libregraph.PtrString("dennis@example.org"),
},
{
DisplayName: libregraph.PtrString("Grace Hopper"),
OnPremisesSamAccountName: libregraph.PtrString("grace"),
Mail: libregraph.PtrString("grace@example.org"),
},
},
},
{
tenant: libregraph.EducationSchool{
DisplayName: libregraph.PtrString("Scientists"),
},
users: []libregraph.EducationUser{
{
DisplayName: libregraph.PtrString("Albert Einstein"),
OnPremisesSamAccountName: libregraph.PtrString("einstein"),
Mail: libregraph.PtrString("einstein@example.org"),
},
{
DisplayName: libregraph.PtrString("Marie Curie"),
OnPremisesSamAccountName: libregraph.PtrString("marie"),
Mail: libregraph.PtrString("marie@example.org"),
},
},
},
}
func main() {
lgconf := libregraph.NewConfiguration()
lgconf.Servers = libregraph.ServerConfigurations{
{
URL: provisioningAPIURL,
},
}
lgconf.DefaultHeader = map[string]string{"Authorization": "Bearer " + provisioningAuthToken}
lgclient := libregraph.NewAPIClient(lgconf)
for _, tenant := range demoTenants {
tenantid, err := createTenant(lgclient, tenant.tenant)
if err != nil {
fmt.Printf("Failed to create tenant: %s\n", err)
continue
}
for _, user := range tenant.users {
userid1, err := createUser(lgclient, user)
if err != nil {
fmt.Printf("Failed to create user: %s\n", err)
continue
}
_, err = lgclient.EducationSchoolApi.AddUserToSchool(context.TODO(), tenantid).EducationUserReference(libregraph.EducationUserReference{
OdataId: libregraph.PtrString(fmt.Sprintf("%s/education/users/%s", provisioningAPIURL, userid1)),
}).Execute()
if err != nil {
fmt.Printf("Failed to add user to tenant: %s\n", err)
continue
}
}
}
resetAllUserPasswords()
setUserRoles()
}
func createUser(client *libregraph.APIClient, user libregraph.EducationUser) (string, error) {
newUser, _, err := client.EducationUserApi.CreateEducationUser(context.TODO()).EducationUser(user).Execute()
if err != nil {
fmt.Printf("Failed to create user: %s\n", err)
return "", err
}
fmt.Printf("Created user: %s with id %s\n", newUser.GetDisplayName(), newUser.GetId())
return newUser.GetId(), nil
}
func createTenant(client *libregraph.APIClient, tenant libregraph.EducationSchool) (string, error) {
newTenant, _, err := client.EducationSchoolApi.CreateSchool(context.TODO()).EducationSchool(tenant).Execute()
if err != nil {
fmt.Printf("Failed to create tenant: %s\n", err)
return "", err
}
fmt.Printf("Created tenant: %s with id %s\n", newTenant.GetDisplayName(), newTenant.GetId())
return newTenant.GetId(), nil
}
func setUserRoles() {
tls := tls.Config{InsecureSkipVerify: true}
restyClient := resty.New().SetTLSClientConfig(&tls)
client := gocloak.NewClient("https://keycloak.opencloud.test")
client.SetRestyClient(restyClient)
ctx := context.Background()
token, err := client.LoginAdmin(ctx, "kcadmin", "admin", "master")
if err != nil {
fmt.Printf("Failed to login: %s\n", err)
panic("Something wrong with the credentials or url")
}
role, _ := client.GetRealmRole(ctx, token.AccessToken, "openCloud", "opencloudUser")
users, err := client.GetUsers(ctx, token.AccessToken, "openCloud", gocloak.GetUsersParams{})
if err != nil {
fmt.Printf("%s\n", err)
panic("Oh no!, failed to list users :(")
}
for _, user := range users {
err := client.AddRealmRoleToUser(ctx, token.AccessToken, "openCloud", *user.ID, []gocloak.Role{
*role,
})
if err != nil {
fmt.Printf("Failed to assign role to user %s: %s\n", *user.Username, err)
}
}
}
func resetAllUserPasswords() {
tls := tls.Config{InsecureSkipVerify: true}
restyClient := resty.New().SetTLSClientConfig(&tls)
client := gocloak.NewClient("https://keycloak.opencloud.test")
client.SetRestyClient(restyClient)
ctx := context.Background()
token, err := client.LoginAdmin(ctx, "kcadmin", "admin", "master")
if err != nil {
fmt.Printf("Failed to login: %s\n", err)
panic("Something wrong with the credentials or url")
}
users, err := client.GetUsers(ctx, token.AccessToken, "openCloud", gocloak.GetUsersParams{})
if err != nil {
fmt.Printf("%s\n", err)
panic("Oh no!, failed to list users :(")
}
for _, user := range users {
fmt.Printf("Setting password for user: %s\n", *user.Username)
err = client.SetPassword(ctx, token.AccessToken, *user.ID, "openCloud", "demo", false)
if err != nil {
fmt.Printf("Failed to set password for user %s: %s\n", *user.Username, err)
}
}
}

55
devtools/deployments/multi-tenancy/keycloak.yml
View File

@@ -1,55 +0,0 @@
---
services:
opencloud:
environment:
postgres:
image: postgres:alpine
networks:
opencloud-net:
volumes:
- keycloak_postgres_data:/var/lib/postgresql/data
environment:
POSTGRES_DB: keycloak
POSTGRES_USER: ${KC_DB_USERNAME:-keycloak}
POSTGRES_PASSWORD: ${KC_DB_PASSWORD:-keycloak}
logging:
driver: ${LOG_DRIVER:-local}
restart: always
keycloak:
labels:
- "traefik.enable=true"
- "traefik.http.routers.keycloak.entrypoints=https"
- "traefik.http.routers.keycloak.rule=Host(`${KEYCLOAK_DOMAIN:-keycloak.opencloud.test}`)"
- "traefik.http.routers.keycloak.${TRAEFIK_SERVICES_TLS_CONFIG}"
- "traefik.http.routers.keycloak.service=keycloak"
- "traefik.http.services.keycloak.loadbalancer.server.port=8080"
image: quay.io/keycloak/keycloak:26.4
networks:
opencloud-net:
command: [ "start", "--spi-connections-http-client-default-disable-trust-manager=${INSECURE:-false}", "--import-realm" ]
entrypoint: [ "/bin/sh", "/opt/keycloak/bin/docker-entrypoint-override.sh" ]
volumes:
- "./config/keycloak/docker-entrypoint-override.sh:/opt/keycloak/bin/docker-entrypoint-override.sh"
- "./config/keycloak/openCloud-realm.dist.json:/opt/keycloak/data/import-dist/openCloud-realm.json"
- "./config/keycloak/themes/opencloud:/opt/keycloak/themes/opencloud"
environment:
OC_DOMAIN: ${OC_DOMAIN:-cloud.opencloud.test}
KC_HOSTNAME: ${KEYCLOAK_DOMAIN:-keycloak.opencloud.test}
KC_DB: postgres
KC_DB_URL: "jdbc:postgresql://postgres:5432/keycloak"
KC_DB_USERNAME: ${KC_DB_USERNAME:-keycloak}
KC_DB_PASSWORD: ${KC_DB_PASSWORD:-keycloak}
KC_FEATURES: impersonation
KC_PROXY_HEADERS: xforwarded
KC_HTTP_ENABLED: true
KEYCLOAK_ADMIN: ${KEYCLOAK_ADMIN:-kcadmin}
KEYCLOAK_ADMIN_PASSWORD: ${KEYCLOAK_ADMIN_PASSWORD:-admin}
depends_on:
- postgres
logging:
driver: ${LOG_DRIVER:-local}
restart: always
volumes:
keycloak_postgres_data:

32
devtools/deployments/multi-tenancy/ldap-server.yml
View File

@@ -1,32 +0,0 @@
---
services:
ldap-server:
image: bitnamilegacy/openldap:2.6
networks:
opencloud-net:
entrypoint: [ "/bin/sh", "/opt/bitnami/scripts/openldap/docker-entrypoint-override.sh", "/opt/bitnami/scripts/openldap/run.sh" ]
environment:
BITNAMI_DEBUG: true
LDAP_TLS_VERIFY_CLIENT: never
LDAP_ENABLE_TLS: "yes"
LDAP_TLS_CA_FILE: /opt/bitnami/openldap/share/openldap.crt
LDAP_TLS_CERT_FILE: /opt/bitnami/openldap/share/openldap.crt
LDAP_TLS_KEY_FILE: /opt/bitnami/openldap/share/openldap.key
LDAP_ROOT: "dc=opencloud,dc=eu"
LDAP_ADMIN_PASSWORD: ${LDAP_BIND_PASSWORD:-admin}
ports:
- "127.0.0.1:389:1389"
- "127.0.0.1:636:1636"
volumes:
# Only use the base ldif file to create the base structure
- ./config/ldap/ldif/10_base.ldif:/ldifs/10_base.ldif
# Use the custom schema from opencloud because we are in full control of the ldap server
- ../shared/config/ldap/schemas/10_opencloud_schema.ldif:/schemas/10_opencloud_schema.ldif
- ../shared/config/ldap/schemas/20_opencloud_education_schema.ldif:/schemas/20_opencloud_education_schema.ldif
- ./config/ldap/docker-entrypoint-override.sh:/opt/bitnami/scripts/openldap/docker-entrypoint-override.sh
- ${LDAP_CERTS_DIR:-ldap-certs}:/opt/bitnami/openldap/share
- ${LDAP_DATA_DIR:-ldap-data}:/bitnami/openldap
volumes:
ldap-certs:
ldap-data:

24
devtools/deployments/multi-tenancy/testing/ldap-manager.yml
View File

@@ -1,24 +0,0 @@
---
# This file can be used to be added to the opencloud_full example
# to browse the LDAP server with a web interface.
# This is not a production ready setup.
services:
ldap-manager:
image: phpldapadmin/phpldapadmin:latest
networks:
opencloud-net:
environment:
LDAP_HOST: ldap-server
LDAP_PORT: 1389
LDAP_LOGIN_OBJECTCLASS: "inetOrgPerson"
APP_URL: "https://${LDAP_MANAGER_DOMAIN:-ldap.opencloud.test}"
labels:
- "traefik.enable=true"
- "traefik.http.routers.ldap-manager.entrypoints=https"
- "traefik.http.routers.ldap-manager.rule=Host(`${LDAP_MANAGER_DOMAIN:-ldap.opencloud.test}`)"
- "traefik.http.routers.ldap-manager.${TRAEFIK_SERVICES_TLS_CONFIG}"
- "traefik.http.routers.ldap-manager.service=ldap-manager"
- "traefik.http.services.ldap-manager.loadbalancer.server.port=8080"
logging:
driver: ${LOG_DRIVER:-local}
restart: always

45
devtools/deployments/multi-tenancy/traefik.yml
View File

@@ -1,45 +0,0 @@
---
services:
opencloud:
labels:
- "traefik.enable=true"
- "traefik.http.routers.opencloud.entrypoints=https"
- "traefik.http.routers.opencloud.rule=Host(`${OC_DOMAIN:-cloud.opencloud.test}`)"
- "traefik.http.routers.opencloud.service=opencloud"
- "traefik.http.services.opencloud.loadbalancer.server.port=9200"
- "traefik.http.routers.opencloud.${TRAEFIK_SERVICES_TLS_CONFIG}"
traefik:
image: traefik:v3.3.1
# release notes: https://github.com/traefik/traefik/releases
networks:
opencloud-net:
aliases:
- ${OC_DOMAIN:-cloud.opencloud.test}
- ${KEYCLOAK_DOMAIN:-keycloak.opencloud.test}
entrypoint: [ "/bin/sh", "/opt/traefik/bin/docker-entrypoint-override.sh"]
environment:
- "TRAEFIK_SERVICES_TLS_CONFIG=${TRAEFIK_SERVICES_TLS_CONFIG:-tls.certresolver=letsencrypt}"
- "TRAEFIK_ACME_MAIL=${TRAEFIK_ACME_MAIL:-example@example.org}"
- "TRAEFIK_ACME_CASERVER=${TRAEFIK_ACME_CASERVER:-https://acme-v02.api.letsencrypt.org/directory}"
- "TRAEFIK_LOG_LEVEL=${TRAEFIK_LOG_LEVEL:-ERROR}"
- "TRAEFIK_ACCESS_LOG=${TRAEFIK_ACCESS_LOG:-false}"
ports:
- "80:80"
- "443:443"
volumes:
- "${DOCKER_SOCKET_PATH:-/var/run/docker.sock}:/var/run/docker.sock:ro"
- "./config/traefik/docker-entrypoint-override.sh:/opt/traefik/bin/docker-entrypoint-override.sh"
- "${TRAEFIK_CERTS_DIR:-./certs}:/certs"
- "./config/traefik/dynamic:/etc/traefik/dynamic"
labels:
- "traefik.enable=${TRAEFIK_DASHBOARD:-false}"
# defaults to admin:admin
- "traefik.http.middlewares.traefik-auth.basicauth.users=${TRAEFIK_BASIC_AUTH_USERS:-admin:$$apr1$$4vqie50r$$YQAmQdtmz5n9rEALhxJ4l.}"
- "traefik.http.routers.traefik.entrypoints=https"
- "traefik.http.routers.traefik.rule=Host(`${TRAEFIK_DOMAIN:-traefik.opencloud.test}`)"
- "traefik.http.routers.traefik.middlewares=traefik-auth"
- "traefik.http.routers.traefik.${TRAEFIK_SERVICES_TLS_CONFIG}"
- "traefik.http.routers.traefik.service=api@internal"
logging:
driver: ${LOG_DRIVER:-local}
restart: always

73
go.mod
View File

@@ -11,7 +11,7 @@ require (
github.com/Nerzal/gocloak/v13 v13.9.0
github.com/bbalet/stopwords v1.0.0
github.com/beevik/etree v1.6.0
github.com/blevesearch/bleve/v2 v2.5.7
github.com/blevesearch/bleve/v2 v2.5.5
github.com/cenkalti/backoff v2.2.1+incompatible
github.com/coreos/go-oidc/v3 v3.17.0
github.com/cs3org/go-cs3apis v0.0.0-20250908152307-4ca807afe54e
@@ -20,7 +20,7 @@ require (
github.com/dutchcoders/go-clamd v0.0.0-20170520113014-b970184f4d9e
github.com/gabriel-vasile/mimetype v1.4.12
github.com/ggwhite/go-masker v1.1.0
github.com/go-chi/chi/v5 v5.2.4
github.com/go-chi/chi/v5 v5.2.3
github.com/go-chi/render v1.0.3
github.com/go-jose/go-jose/v3 v3.0.4
github.com/go-ldap/ldap/v3 v3.4.12
@@ -34,7 +34,6 @@ require (
github.com/go-micro/plugins/v4/wrapper/monitoring/prometheus v1.2.0
github.com/go-micro/plugins/v4/wrapper/trace/opentelemetry v1.2.0
github.com/go-playground/validator/v10 v10.30.1
github.com/go-resty/resty/v2 v2.17.1
github.com/golang-jwt/jwt/v5 v5.3.0
github.com/golang/protobuf v1.5.4
github.com/google/go-cmp v0.7.0
@@ -42,13 +41,13 @@ require (
github.com/google/uuid v1.6.0
github.com/gookit/config/v2 v2.2.7
github.com/gorilla/mux v1.8.1
github.com/grpc-ecosystem/grpc-gateway/v2 v2.27.5
github.com/grpc-ecosystem/grpc-gateway/v2 v2.27.3
github.com/invopop/validation v0.8.0
github.com/jellydator/ttlcache/v2 v2.11.1
github.com/jellydator/ttlcache/v3 v3.4.0
github.com/jinzhu/now v1.1.5
github.com/justinas/alice v1.2.0
github.com/kovidgoyal/imaging v1.8.19
github.com/kovidgoyal/imaging v1.8.18
github.com/leonelquinteros/gotext v1.7.2
github.com/libregraph/idm v0.5.0
github.com/libregraph/lico v0.66.0
@@ -56,16 +55,16 @@ require (
github.com/mna/pigeon v1.3.0
github.com/mohae/deepcopy v0.0.0-20170929034955-c48cc78d4826
github.com/nats-io/nats-server/v2 v2.12.3
github.com/nats-io/nats.go v1.48.0
github.com/nats-io/nats.go v1.47.0
github.com/oklog/run v1.2.0
github.com/olekukonko/tablewriter v1.1.3
github.com/olekukonko/tablewriter v1.1.1
github.com/onsi/ginkgo v1.16.5
github.com/onsi/ginkgo/v2 v2.27.5
github.com/onsi/gomega v1.39.0
github.com/open-policy-agent/opa v1.12.3
github.com/onsi/ginkgo/v2 v2.27.2
github.com/onsi/gomega v1.38.2
github.com/open-policy-agent/opa v1.11.1
github.com/opencloud-eu/icap-client v0.0.0-20250930132611-28a2afe62d89
github.com/opencloud-eu/libre-graph-api-go v1.0.8-0.20250724122329-41ba6b191e76
github.com/opencloud-eu/reva/v2 v2.41.1-0.20260120144836-2769c3c07a19
github.com/opencloud-eu/reva/v2 v2.41.1-0.20260107152322-93760b632993
github.com/opensearch-project/opensearch-go/v4 v4.6.0
github.com/orcaman/concurrent-map v1.0.0
github.com/pkg/errors v0.9.1
@@ -76,9 +75,9 @@ require (
github.com/rogpeppe/go-internal v1.14.1
github.com/rs/cors v1.11.1
github.com/rs/zerolog v1.34.0
github.com/sirupsen/logrus v1.9.4
github.com/sirupsen/logrus v1.9.4-0.20230606125235-dd1b4c2e81af
github.com/spf13/afero v1.15.0
github.com/spf13/cobra v1.10.2
github.com/spf13/cobra v1.10.1
github.com/spf13/pflag v1.0.10
github.com/spf13/viper v1.21.0
github.com/stretchr/testify v1.11.1
@@ -96,22 +95,22 @@ require (
go-micro.dev/v4 v4.11.0
go.etcd.io/bbolt v1.4.3
go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.64.0
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.64.0
go.opentelemetry.io/contrib/zpages v0.64.0
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.63.0
go.opentelemetry.io/contrib/zpages v0.63.0
go.opentelemetry.io/otel v1.39.0
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.39.0
go.opentelemetry.io/otel/exporters/stdout/stdouttrace v1.39.0
go.opentelemetry.io/otel/exporters/stdout/stdouttrace v1.38.0
go.opentelemetry.io/otel/sdk v1.39.0
go.opentelemetry.io/otel/trace v1.39.0
golang.org/x/crypto v0.47.0
golang.org/x/crypto v0.46.0
golang.org/x/exp v0.0.0-20250210185358-939b2ce775ac
golang.org/x/image v0.35.0
golang.org/x/net v0.49.0
golang.org/x/image v0.34.0
golang.org/x/net v0.48.0
golang.org/x/oauth2 v0.34.0
golang.org/x/sync v0.19.0
golang.org/x/term v0.39.0
golang.org/x/text v0.33.0
google.golang.org/genproto/googleapis/api v0.0.0-20260120221211-b8f7ae30c516
golang.org/x/term v0.38.0
golang.org/x/text v0.32.0
google.golang.org/genproto/googleapis/api v0.0.0-20251202230838-ff82c1b0f217
google.golang.org/grpc v1.78.0
google.golang.org/protobuf v1.36.11
gopkg.in/yaml.v2 v2.4.0
@@ -125,7 +124,7 @@ require (
filippo.io/edwards25519 v1.1.0 // indirect
github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1 // indirect
github.com/Azure/go-ntlmssp v0.0.0-20221128193559-754e69321358 // indirect
github.com/BurntSushi/toml v1.6.0 // indirect
github.com/BurntSushi/toml v1.5.0 // indirect
github.com/Masterminds/goutils v1.1.1 // indirect
github.com/Masterminds/semver/v3 v3.4.0 // indirect
github.com/Masterminds/sprig v2.22.0+incompatible // indirect
@@ -158,7 +157,7 @@ require (
github.com/blevesearch/zapx/v13 v13.4.2 // indirect
github.com/blevesearch/zapx/v14 v14.4.2 // indirect
github.com/blevesearch/zapx/v15 v15.4.2 // indirect
github.com/blevesearch/zapx/v16 v16.2.8 // indirect
github.com/blevesearch/zapx/v16 v16.2.7 // indirect
github.com/bluele/gcache v0.0.2 // indirect
github.com/bombsimon/logrusr/v3 v3.1.0 // indirect
github.com/cenkalti/backoff/v4 v4.3.0 // indirect
@@ -166,9 +165,9 @@ require (
github.com/ceph/go-ceph v0.37.0 // indirect
github.com/cespare/xxhash/v2 v2.3.0 // indirect
github.com/cevaris/ordered_map v0.0.0-20190319150403-3adeae072e73 // indirect
github.com/clipperhouse/displaywidth v0.6.2 // indirect
github.com/clipperhouse/displaywidth v0.3.1 // indirect
github.com/clipperhouse/stringish v0.1.1 // indirect
github.com/clipperhouse/uax29/v2 v2.3.0 // indirect
github.com/clipperhouse/uax29/v2 v2.2.0 // indirect
github.com/cloudflare/circl v1.6.1 // indirect
github.com/containerd/errdefs v1.0.0 // indirect
github.com/containerd/errdefs/pkg v0.3.0 // indirect
@@ -222,6 +221,7 @@ require (
github.com/go-playground/locales v0.14.1 // indirect
github.com/go-playground/universal-translator v0.18.1 // indirect
github.com/go-redis/redis/v8 v8.11.5 // indirect
github.com/go-resty/resty/v2 v2.7.0 // indirect
github.com/go-sql-driver/mysql v1.9.3 // indirect
github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 // indirect
github.com/go-task/slim-sprig/v3 v3.0.0 // indirect
@@ -250,7 +250,6 @@ require (
github.com/grpc-ecosystem/go-grpc-middleware v1.4.0 // indirect
github.com/hashicorp/go-hclog v1.6.3 // indirect
github.com/hashicorp/go-plugin v1.7.0 // indirect
github.com/hashicorp/golang-lru/v2 v2.0.7 // indirect
github.com/hashicorp/yamux v0.1.2 // indirect
github.com/huandu/xstrings v1.5.0 // indirect
github.com/iancoleman/strcase v0.3.0 // indirect
@@ -289,10 +288,10 @@ require (
github.com/mendsley/gojwk v0.0.0-20141217222730-4d5ec6e58103 // indirect
github.com/miekg/dns v1.1.57 // indirect
github.com/mileusna/useragent v1.3.5 // indirect
github.com/minio/crc64nvme v1.1.1 // indirect
github.com/minio/crc64nvme v1.1.0 // indirect
github.com/minio/highwayhash v1.0.4-0.20251030100505-070ab1a87a76 // indirect
github.com/minio/md5-simd v1.1.2 // indirect
github.com/minio/minio-go/v7 v7.0.98 // indirect
github.com/minio/minio-go/v7 v7.0.97 // indirect
github.com/mitchellh/copystructure v1.2.0 // indirect
github.com/mitchellh/reflectwalk v1.0.2 // indirect
github.com/moby/docker-image-spec v1.3.1 // indirect
@@ -313,7 +312,7 @@ require (
github.com/nxadm/tail v1.4.8 // indirect
github.com/olekukonko/cat v0.0.0-20250911104152-50322a0618f6 // indirect
github.com/olekukonko/errors v1.1.0 // indirect
github.com/olekukonko/ll v0.1.4-0.20260115111900-9e59c2286df0 // indirect
github.com/olekukonko/ll v0.1.2 // indirect
github.com/opencontainers/go-digest v1.0.0 // indirect
github.com/opencontainers/image-spec v1.1.1 // indirect
github.com/opentracing/opentracing-go v1.2.0 // indirect
@@ -328,7 +327,7 @@ require (
github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
github.com/power-devops/perfstat v0.0.0-20210106213030-5aafc221ea8c // indirect
github.com/pquerna/cachecontrol v0.2.0 // indirect
github.com/prometheus/alertmanager v0.30.1 // indirect
github.com/prometheus/alertmanager v0.30.0 // indirect
github.com/prometheus/client_model v0.6.2 // indirect
github.com/prometheus/common v0.67.4 // indirect
github.com/prometheus/procfs v0.17.0 // indirect
@@ -343,7 +342,7 @@ require (
github.com/samber/slog-common v0.19.0 // indirect
github.com/samber/slog-zerolog/v2 v2.9.0 // indirect
github.com/segmentio/asm v1.2.1 // indirect
github.com/segmentio/kafka-go v0.4.50 // indirect
github.com/segmentio/kafka-go v0.4.49 // indirect
github.com/segmentio/ksuid v1.0.4 // indirect
github.com/sercand/kuberesolver/v5 v5.1.1 // indirect
github.com/sergi/go-diff v1.4.0 // indirect
@@ -363,7 +362,7 @@ require (
github.com/tchap/go-patricia/v2 v2.3.3 // indirect
github.com/tidwall/match v1.1.1 // indirect
github.com/tidwall/pretty v1.2.1 // indirect
github.com/tinylib/msgp v1.6.1 // indirect
github.com/tinylib/msgp v1.3.0 // indirect
github.com/tklauser/go-sysconf v0.3.14 // indirect
github.com/tklauser/numcpus v0.8.0 // indirect
github.com/toorop/go-dkim v0.0.0-20201103131630-e1cd1a0a5208 // indirect
@@ -391,12 +390,12 @@ require (
go.uber.org/zap v1.27.0 // indirect
go.yaml.in/yaml/v2 v2.4.3 // indirect
go.yaml.in/yaml/v3 v3.0.4 // indirect
golang.org/x/mod v0.31.0 // indirect
golang.org/x/sys v0.40.0 // indirect
golang.org/x/mod v0.30.0 // indirect
golang.org/x/sys v0.39.0 // indirect
golang.org/x/time v0.14.0 // indirect
golang.org/x/tools v0.40.0 // indirect
golang.org/x/tools v0.39.0 // indirect
google.golang.org/genproto v0.0.0-20250303144028-a0af3efb3deb // indirect
google.golang.org/genproto/googleapis/rpc v0.0.0-20260120221211-b8f7ae30c516 // indirect
google.golang.org/genproto/googleapis/rpc v0.0.0-20251202230838-ff82c1b0f217 // indirect
gopkg.in/cenkalti/backoff.v1 v1.1.0 // indirect
gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 // indirect
gopkg.in/warnings.v0 v0.1.2 // indirect

147
go.sum
View File

@@ -65,8 +65,8 @@ github.com/Azure/go-autorest/tracing v0.5.0/go.mod h1:r/s2XiOKccPW3HrqB+W0TQzfbt
github.com/Azure/go-ntlmssp v0.0.0-20221128193559-754e69321358 h1:mFRzDkZVAjdal+s7s0MwaRv9igoPqLRdzOLzw/8Xvq8=
github.com/Azure/go-ntlmssp v0.0.0-20221128193559-754e69321358/go.mod h1:chxPXzSsl7ZWRAuOIE23GDNzjWuZquvFlgA8xmpunjU=
github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
github.com/BurntSushi/toml v1.6.0 h1:dRaEfpa2VI55EwlIW72hMRHdWouJeRF7TPYhI+AUQjk=
github.com/BurntSushi/toml v1.6.0/go.mod h1:ukJfTF/6rtPPRCnwkur4qwRxa8vTRFBF0uk2lLoLwho=
github.com/BurntSushi/toml v1.5.0 h1:W5quZX/G/csjUnuI8SUYlsHs9M38FC7znL0lIO+DvMg=
github.com/BurntSushi/toml v1.5.0/go.mod h1:ukJfTF/6rtPPRCnwkur4qwRxa8vTRFBF0uk2lLoLwho=
github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo=
github.com/CiscoM31/godata v1.0.11 h1:w7y8twuW02LdH6mak3/GJ5i0GrCv2IoZUJVqa/g5Yeo=
github.com/CiscoM31/godata v1.0.11/go.mod h1:ZMiT6JuD3Rm83HEtiTx4JEChsd25YCrxchKGag/sdTc=
@@ -151,8 +151,8 @@ github.com/bits-and-blooms/bitset v1.12.0/go.mod h1:7hO7Gc7Pp1vODcmWvKMRA9BNmbv6
github.com/bits-and-blooms/bitset v1.22.0 h1:Tquv9S8+SGaS3EhyA+up3FXzmkhxPGjQQCkcs2uw7w4=
github.com/bits-and-blooms/bitset v1.22.0/go.mod h1:7hO7Gc7Pp1vODcmWvKMRA9BNmbv6a/7QIWpPxHddWR8=
github.com/bketelsen/crypt v0.0.3-0.20200106085610-5cbc8cc4026c/go.mod h1:MKsuJmJgSg28kpZDP6UIiPt0e0Oz0kqKNGyRaWEPv84=
github.com/blevesearch/bleve/v2 v2.5.7 h1:2d9YrL5zrX5EBBW++GOaEKjE+NPWeZGaX77IM26m1Z8=
github.com/blevesearch/bleve/v2 v2.5.7/go.mod h1:yj0NlS7ocGC4VOSAedqDDMktdh2935v2CSWOCDMHdSA=
github.com/blevesearch/bleve/v2 v2.5.5 h1:lzC89QUCco+y1qBnJxGqm4AbtsdsnlUvq0kXok8n3C8=
github.com/blevesearch/bleve/v2 v2.5.5/go.mod h1:t5WoESS5TDteTdnjhhvpA1BpLYErOBX2IQViTMLK7wo=
github.com/blevesearch/bleve_index_api v1.2.11 h1:bXQ54kVuwP8hdrXUSOnvTQfgK0KI1+f9A0ITJT8tX1s=
github.com/blevesearch/bleve_index_api v1.2.11/go.mod h1:rKQDl4u51uwafZxFrPD1R7xFOwKnzZW7s/LSeK4lgo0=
github.com/blevesearch/geo v0.2.4 h1:ECIGQhw+QALCZaDcogRTNSJYQXRtC8/m8IKiA706cqk=
@@ -185,8 +185,8 @@ github.com/blevesearch/zapx/v14 v14.4.2 h1:2SGHakVKd+TrtEqpfeq8X+So5PShQ5nW6GNxT
github.com/blevesearch/zapx/v14 v14.4.2/go.mod h1:rz0XNb/OZSMjNorufDGSpFpjoFKhXmppH9Hi7a877D8=
github.com/blevesearch/zapx/v15 v15.4.2 h1:sWxpDE0QQOTjyxYbAVjt3+0ieu8NCE0fDRaFxEsp31k=
github.com/blevesearch/zapx/v15 v15.4.2/go.mod h1:1pssev/59FsuWcgSnTa0OeEpOzmhtmr/0/11H0Z8+Nw=
github.com/blevesearch/zapx/v16 v16.2.8 h1:SlnzF0YGtSlrsOE3oE7EgEX6BIepGpeqxs1IjMbHLQI=
github.com/blevesearch/zapx/v16 v16.2.8/go.mod h1:murSoCJPCk25MqURrcJaBQ1RekuqSCSfMjXH4rHyA14=
github.com/blevesearch/zapx/v16 v16.2.7 h1:xcgFRa7f/tQXOwApVq7JWgPYSlzyUMmkuYa54tMDuR0=
github.com/blevesearch/zapx/v16 v16.2.7/go.mod h1:murSoCJPCk25MqURrcJaBQ1RekuqSCSfMjXH4rHyA14=
github.com/bluele/gcache v0.0.2 h1:WcbfdXICg7G/DGBh1PFfcirkWOQV+v077yF1pSy3DGw=
github.com/bluele/gcache v0.0.2/go.mod h1:m15KV+ECjptwSPxKhOhQoAFQVtUFjTVkc3H8o0t/fp0=
github.com/bmizerany/assert v0.0.0-20160611221934-b7ed37b82869 h1:DDGfHa7BWjL4YnC6+E63dPcxHo2sUxDIu8g3QgEJdRY=
@@ -223,12 +223,12 @@ github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWR
github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI=
github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU=
github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw=
github.com/clipperhouse/displaywidth v0.6.2 h1:ZDpTkFfpHOKte4RG5O/BOyf3ysnvFswpyYrV7z2uAKo=
github.com/clipperhouse/displaywidth v0.6.2/go.mod h1:R+kHuzaYWFkTm7xoMmK1lFydbci4X2CicfbGstSGg0o=
github.com/clipperhouse/displaywidth v0.3.1 h1:k07iN9gD32177o1y4O1jQMzbLdCrsGJh+blirVYybsk=
github.com/clipperhouse/displaywidth v0.3.1/go.mod h1:tgLJKKyaDOCadywag3agw4snxS5kYEuYR6Y9+qWDDYM=
github.com/clipperhouse/stringish v0.1.1 h1:+NSqMOr3GR6k1FdRhhnXrLfztGzuG+VuFDfatpWHKCs=
github.com/clipperhouse/stringish v0.1.1/go.mod h1:v/WhFtE1q0ovMta2+m+UbpZ+2/HEXNWYXQgCt4hdOzA=
github.com/clipperhouse/uax29/v2 v2.3.0 h1:SNdx9DVUqMoBuBoW3iLOj4FQv3dN5mDtuqwuhIGpJy4=
github.com/clipperhouse/uax29/v2 v2.3.0/go.mod h1:Wn1g7MK6OoeDT0vL+Q0SQLDz/KpfsVRgg6W7ihQeh4g=
github.com/clipperhouse/uax29/v2 v2.2.0 h1:ChwIKnQN3kcZteTXMgb1wztSgaU+ZemkgWdohwgs8tY=
github.com/clipperhouse/uax29/v2 v2.2.0/go.mod h1:EFJ2TJMRUaplDxHKj1qAEhCtQPW2tJSwu5BF98AuoVM=
github.com/cloudflare/circl v1.6.1 h1:zqIqSPIndyBh1bjLVVDHMPpVKqp8Su/V+6MeDzzQBQ0=
github.com/cloudflare/circl v1.6.1/go.mod h1:uddAzsPgqdMAYatqJ0lsjX1oECcQLIlRpzZh3pJrofs=
github.com/cloudflare/cloudflare-go v0.14.0/go.mod h1:EnwdgGMaFOruiPZRFSgn+TsQ3hQ7C/YWzIGLeu5c304=
@@ -381,8 +381,8 @@ github.com/go-asn1-ber/asn1-ber v1.4.1/go.mod h1:hEBeB/ic+5LoWskz+yKT7vGhhPYkPro
github.com/go-asn1-ber/asn1-ber v1.5.8-0.20250403174932-29230038a667 h1:BP4M0CvQ4S3TGls2FvczZtj5Re/2ZzkV9VwqPHH/3Bo=
github.com/go-asn1-ber/asn1-ber v1.5.8-0.20250403174932-29230038a667/go.mod h1:hEBeB/ic+5LoWskz+yKT7vGhhPYkProFKoKdwZRWMe0=
github.com/go-chi/chi v4.0.2+incompatible/go.mod h1:eB3wogJHnLi3x/kFX2A+IbTBlXxmMeXJVKy9tTv1XzQ=
github.com/go-chi/chi/v5 v5.2.4 h1:WtFKPHwlywe8Srng8j2BhOD9312j9cGUxG1SP4V2cR4=
github.com/go-chi/chi/v5 v5.2.4/go.mod h1:X7Gx4mteadT3eDOMTsXzmI4/rwUpOwBHLpAfupzFJP0=
github.com/go-chi/chi/v5 v5.2.3 h1:WQIt9uxdsAbgIYgid+BpYc+liqQZGMHRaUwp0JUcvdE=
github.com/go-chi/chi/v5 v5.2.3/go.mod h1:L2yAIGWB3H+phAw1NxKwWM+7eUH/lU8pOMm5hHcoops=
github.com/go-chi/render v1.0.3 h1:AsXqd2a1/INaIfUSKq3G5uA8weYx20FOsM7uSoCyyt4=
github.com/go-chi/render v1.0.3/go.mod h1:/gr3hVkmYR0YlEy3LxCuVRFzEu9Ruok+gFqbIofjao0=
github.com/go-cmd/cmd v1.0.5/go.mod h1:y8q8qlK5wQibcw63djSl/ntiHUHXHGdCkPk0j4QeW4s=
@@ -461,8 +461,8 @@ github.com/go-playground/validator/v10 v10.30.1/go.mod h1:oSuBIQzuJxL//3MelwSLD5
github.com/go-redis/redis/v8 v8.11.5 h1:AcZZR7igkdvfVmQTPnu9WE37LRrO/YrBH5zWyjDC0oI=
github.com/go-redis/redis/v8 v8.11.5/go.mod h1:gREzHqY1hg6oD9ngVRbLStwAWKhA0FEgq8Jd4h5lpwo=
github.com/go-resty/resty/v2 v2.1.1-0.20191201195748-d7b97669fe48/go.mod h1:dZGr0i9PLlaaTD4H/hoZIDjQ+r6xq8mgbRzHZf7f2J8=
github.com/go-resty/resty/v2 v2.17.1 h1:x3aMpHK1YM9e4va/TMDRlusDDoZiQ+ViDu/WpA6xTM4=
github.com/go-resty/resty/v2 v2.17.1/go.mod h1:kCKZ3wWmwJaNc7S29BRtUhJwy7iqmn+2mLtQrOyQlVA=
github.com/go-resty/resty/v2 v2.7.0 h1:me+K9p3uhSmXtrBZ4k9jcEAfJmuC8IivWHwaLZwPrFY=
github.com/go-resty/resty/v2 v2.7.0/go.mod h1:9PWDzw47qPphMRFfhsyk0NnSgvluHcljSMVIq3w7q0I=
github.com/go-sql-driver/mysql v1.9.3 h1:U/N249h2WzJ3Ukj8SowVFjdtZKfu9vlLZxjPXV1aweo=
github.com/go-sql-driver/mysql v1.9.3/go.mod h1:qn46aNg1333BRMNU69Lq93t8du/dwxI64Gl8i5p1WMU=
github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY=
@@ -624,8 +624,8 @@ github.com/grpc-ecosystem/go-grpc-middleware v1.4.0/go.mod h1:g5qyo/la0ALbONm6Vb
github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0/go.mod h1:8NvIoxWQoOIhqOTXgfV/d3M/q6VIi02HzZEHgUlZvzk=
github.com/grpc-ecosystem/grpc-gateway v1.8.5/go.mod h1:vNeuVxBJEsws4ogUvrchl83t/GYV9WGTSLVdBhOQFDY=
github.com/grpc-ecosystem/grpc-gateway v1.9.0/go.mod h1:vNeuVxBJEsws4ogUvrchl83t/GYV9WGTSLVdBhOQFDY=
github.com/grpc-ecosystem/grpc-gateway/v2 v2.27.5 h1:jP1RStw811EvUDzsUQ9oESqw2e4RqCjSAD9qIL8eMns=
github.com/grpc-ecosystem/grpc-gateway/v2 v2.27.5/go.mod h1:WXNBZ64q3+ZUemCMXD9kYnr56H7CgZxDBHCVwstfl3s=
github.com/grpc-ecosystem/grpc-gateway/v2 v2.27.3 h1:NmZ1PKzSTQbuGHw9DGPFomqkkLWMC+vZCkfs+FHv1Vg=
github.com/grpc-ecosystem/grpc-gateway/v2 v2.27.3/go.mod h1:zQrxl1YP88HQlA6i9c63DSVPFklWpGX4OWAc9bFuaH4=
github.com/h2non/parth v0.0.0-20190131123155-b4df798d6542/go.mod h1:Ow0tF8D4Kplbc8s8sSb3V2oUCygFHVp8gC3Dn6U4MNI=
github.com/hashicorp/consul/api v1.1.0/go.mod h1:VmuI/Lkw1nC05EYQWNKwWGbkg+FbDBtguAZLlVdkD9Q=
github.com/hashicorp/consul/sdk v0.1.1/go.mod h1:VKf9jXwCTEY1QZP2MOLRhb5i/I/ssyNV1vwHyQBF0x8=
@@ -651,8 +651,6 @@ github.com/hashicorp/go-uuid v1.0.3/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/b
github.com/hashicorp/go.net v0.0.1/go.mod h1:hjKkEWcCURg++eb33jQU7oqQcI9XDCnUzHA0oac0k90=
github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8=
github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8=
github.com/hashicorp/golang-lru/v2 v2.0.7 h1:a+bsQ5rvGLjzHuww6tVxozPZFVghXaHOwFs4luLUK2k=
github.com/hashicorp/golang-lru/v2 v2.0.7/go.mod h1:QeFd9opnmA6QUJc5vARoKUSoFhyfM2/ZepoAG6RGpeM=
github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ=
github.com/hashicorp/logutils v1.0.0/go.mod h1:QIAnNjmIWmVIIkWDTG1z5v++HQmx9WQRO+LraFDTW64=
github.com/hashicorp/mdns v1.0.0/go.mod h1:tL+uN++7HEJ6SQLQ2/p+z2pH24WQKWjBPkE0mNTz8vQ=
@@ -747,8 +745,8 @@ github.com/kovidgoyal/go-parallel v1.1.1 h1:1OzpNjtrUkBPq3UaqrnvOoB2F9RttSt811ui
github.com/kovidgoyal/go-parallel v1.1.1/go.mod h1:BJNIbe6+hxyFWv7n6oEDPj3PA5qSw5OCtf0hcVxWJiw=
github.com/kovidgoyal/go-shm v1.0.0 h1:HJEel9D1F9YhULvClEHJLawoRSj/1u/EDV7MJbBPgQo=
github.com/kovidgoyal/go-shm v1.0.0/go.mod h1:Yzb80Xf9L3kaoB2RGok9hHwMIt7Oif61kT6t3+VnZds=
github.com/kovidgoyal/imaging v1.8.19 h1:zWJdQqF2tfSKjvoB7XpLRhVGbYsze++M0iaqZ4ZkhNk=
github.com/kovidgoyal/imaging v1.8.19/go.mod h1:I0q8RdoEuyc4G8GFOF9CaluTUHQSf68d6TmsqpvfRI8=
github.com/kovidgoyal/imaging v1.8.18 h1:42JCqJnQBzBo0hGllLEJVYDARWXPP9MT3HgiTno9Chc=
github.com/kovidgoyal/imaging v1.8.18/go.mod h1:bqjHpeAxSuTLvKob6HuqAr9td2wP9G54Snbgd+1QLoU=
github.com/kr/fs v0.1.0/go.mod h1:FFnZGqtBN9Gxj7eW1uZ42v5BccTP0vu6NEaFoC2HwRg=
github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFBFZlji/RkVcI2GknAs/DXo4wKdlNEc=
github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
@@ -853,14 +851,14 @@ github.com/miekg/dns v1.1.57 h1:Jzi7ApEIzwEPLHWRcafCN9LZSBbqQpxjt/wpgvg7wcM=
github.com/miekg/dns v1.1.57/go.mod h1:uqRjCRUuEAA6qsOiJvDd+CFo/vW+y5WR6SNmHE55hZk=
github.com/mileusna/useragent v1.3.5 h1:SJM5NzBmh/hO+4LGeATKpaEX9+b4vcGg2qXGLiNGDws=
github.com/mileusna/useragent v1.3.5/go.mod h1:3d8TOmwL/5I8pJjyVDteHtgDGcefrFUX4ccGOMKNYYc=
github.com/minio/crc64nvme v1.1.1 h1:8dwx/Pz49suywbO+auHCBpCtlW1OfpcLN7wYgVR6wAI=
github.com/minio/crc64nvme v1.1.1/go.mod h1:eVfm2fAzLlxMdUGc0EEBGSMmPwmXD5XiNRpnu9J3bvg=
github.com/minio/crc64nvme v1.1.0 h1:e/tAguZ+4cw32D+IO/8GSf5UVr9y+3eJcxZI2WOO/7Q=
github.com/minio/crc64nvme v1.1.0/go.mod h1:eVfm2fAzLlxMdUGc0EEBGSMmPwmXD5XiNRpnu9J3bvg=
github.com/minio/highwayhash v1.0.4-0.20251030100505-070ab1a87a76 h1:KGuD/pM2JpL9FAYvBrnBBeENKZNh6eNtjqytV6TYjnk=
github.com/minio/highwayhash v1.0.4-0.20251030100505-070ab1a87a76/go.mod h1:GGYsuwP/fPD6Y9hMiXuapVvlIUEhFhMTh0rxU3ik1LQ=
github.com/minio/md5-simd v1.1.2 h1:Gdi1DZK69+ZVMoNHRXJyNcxrMA4dSxoYHZSQbirFg34=
github.com/minio/md5-simd v1.1.2/go.mod h1:MzdKDxYpY2BT9XQFocsiZf/NKVtR7nkE4RoEpN+20RM=
github.com/minio/minio-go/v7 v7.0.98 h1:MeAVKjLVz+XJ28zFcuYyImNSAh8Mq725uNW4beRisi0=
github.com/minio/minio-go/v7 v7.0.98/go.mod h1:cY0Y+W7yozf0mdIclrttzo1Iiu7mEf9y7nk2uXqMOvM=
github.com/minio/minio-go/v7 v7.0.97 h1:lqhREPyfgHTB/ciX8k2r8k0D93WaFqxbJX36UZq5occ=
github.com/minio/minio-go/v7 v7.0.97/go.mod h1:re5VXuo0pwEtoNLsNuSr0RrLfT/MBtohwdaSmPPSRSk=
github.com/mitchellh/cli v1.0.0/go.mod h1:hNIlj7HEI86fIcpObd7a0FcrxTWetlwJDGcceTlRvqc=
github.com/mitchellh/copystructure v1.2.0 h1:vpKXTN4ewci03Vljg/q9QvCGUDttBOGBIa15WveJJGw=
github.com/mitchellh/copystructure v1.2.0/go.mod h1:qLl+cE2AmVv+CoeAwDPye/v+N2HKCj9FbZEVFJRxO9s=
@@ -918,8 +916,8 @@ github.com/nats-io/jwt/v2 v2.8.0 h1:K7uzyz50+yGZDO5o772eRE7atlcSEENpL7P+b74JV1g=
github.com/nats-io/jwt/v2 v2.8.0/go.mod h1:me11pOkwObtcBNR8AiMrUbtVOUGkqYjMQZ6jnSdVUIA=
github.com/nats-io/nats-server/v2 v2.12.3 h1:KRv+1n7lddMVgkJPQer+pt36TcO0ENxjilBmeWdjcHs=
github.com/nats-io/nats-server/v2 v2.12.3/go.mod h1:MQXjG9WjyXKz9koWzUc3jYUMKD8x3CLmTNy91IQQz3Y=
github.com/nats-io/nats.go v1.48.0 h1:pSFyXApG+yWU/TgbKCjmm5K4wrHu86231/w84qRVR+U=
github.com/nats-io/nats.go v1.48.0/go.mod h1:iRWIPokVIFbVijxuMQq4y9ttaBTMe0SFdlZfMDd+33g=
github.com/nats-io/nats.go v1.47.0 h1:YQdADw6J/UfGUd2Oy6tn4Hq6YHxCaJrVKayxxFqYrgM=
github.com/nats-io/nats.go v1.47.0/go.mod h1:iRWIPokVIFbVijxuMQq4y9ttaBTMe0SFdlZfMDd+33g=
github.com/nats-io/nkeys v0.4.12 h1:nssm7JKOG9/x4J8II47VWCL1Ds29avyiQDRn0ckMvDc=
github.com/nats-io/nkeys v0.4.12/go.mod h1:MT59A1HYcjIcyQDJStTfaOY6vhy9XTUjOFo+SVsvpBg=
github.com/nats-io/nuid v1.0.1 h1:5iA8DT8V7q8WK2EScv2padNa/rTESc1KdnPw4TC2paw=
@@ -942,25 +940,25 @@ github.com/olekukonko/cat v0.0.0-20250911104152-50322a0618f6 h1:zrbMGy9YXpIeTnGj
github.com/olekukonko/cat v0.0.0-20250911104152-50322a0618f6/go.mod h1:rEKTHC9roVVicUIfZK7DYrdIoM0EOr8mK1Hj5s3JjH0=
github.com/olekukonko/errors v1.1.0 h1:RNuGIh15QdDenh+hNvKrJkmxxjV4hcS50Db478Ou5sM=
github.com/olekukonko/errors v1.1.0/go.mod h1:ppzxA5jBKcO1vIpCXQ9ZqgDh8iwODz6OXIGKU8r5m4Y=
github.com/olekukonko/ll v0.1.4-0.20260115111900-9e59c2286df0 h1:jrYnow5+hy3WRDCBypUFvVKNSPPCdqgSXIE9eJDD8LM=
github.com/olekukonko/ll v0.1.4-0.20260115111900-9e59c2286df0/go.mod h1:b52bVQRRPObe+yyBl0TxNfhesL0nedD4Cht0/zx55Ew=
github.com/olekukonko/ll v0.1.2 h1:lkg/k/9mlsy0SxO5aC+WEpbdT5K83ddnNhAepz7TQc0=
github.com/olekukonko/ll v0.1.2/go.mod h1:b52bVQRRPObe+yyBl0TxNfhesL0nedD4Cht0/zx55Ew=
github.com/olekukonko/tablewriter v0.0.5/go.mod h1:hPp6KlRPjbx+hW8ykQs1w3UBbZlj6HuIJcUGPhkA7kY=
github.com/olekukonko/tablewriter v1.1.3 h1:VSHhghXxrP0JHl+0NnKid7WoEmd9/urKRJLysb70nnA=
github.com/olekukonko/tablewriter v1.1.3/go.mod h1:9VU0knjhmMkXjnMKrZ3+L2JhhtsQ/L38BbL3CRNE8tM=
github.com/olekukonko/tablewriter v1.1.1 h1:b3reP6GCfrHwmKkYwNRFh2rxidGHcT6cgxj/sHiDDx0=
github.com/olekukonko/tablewriter v1.1.1/go.mod h1:De/bIcTF+gpBDB3Alv3fEsZA+9unTsSzAg/ZGADCtn4=
github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
github.com/onsi/ginkgo v1.7.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108oapk=
github.com/onsi/ginkgo v1.16.5 h1:8xi0RTUf59SOSfEtZMvwTvXYMzG4gV23XVHOZiXNtnE=
github.com/onsi/ginkgo v1.16.5/go.mod h1:+E8gABHa3K6zRBolWtd+ROzc/U5bkGt0FwiG042wbpU=
github.com/onsi/ginkgo/v2 v2.27.5 h1:ZeVgZMx2PDMdJm/+w5fE/OyG6ILo1Y3e+QX4zSR0zTE=
github.com/onsi/ginkgo/v2 v2.27.5/go.mod h1:ArE1D/XhNXBXCBkKOLkbsb2c81dQHCRcF5zwn/ykDRo=
github.com/onsi/ginkgo/v2 v2.27.2 h1:LzwLj0b89qtIy6SSASkzlNvX6WktqurSHwkk2ipF/Ns=
github.com/onsi/ginkgo/v2 v2.27.2/go.mod h1:ArE1D/XhNXBXCBkKOLkbsb2c81dQHCRcF5zwn/ykDRo=
github.com/onsi/gomega v1.4.3/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY=
github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY=
github.com/onsi/gomega v1.10.1/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1ybHNo=
github.com/onsi/gomega v1.39.0 h1:y2ROC3hKFmQZJNFeGAMeHZKkjBL65mIZcvrLQBF9k6Q=
github.com/onsi/gomega v1.39.0/go.mod h1:ZCU1pkQcXDO5Sl9/VVEGlDyp+zm0m1cmeG5TOzLgdh4=
github.com/open-policy-agent/opa v1.12.3 h1:qe3m/w52baKC/HJtippw+hYBUKCzuBCPjB+D5P9knfc=
github.com/open-policy-agent/opa v1.12.3/go.mod h1:RnDgm04GA1RjEXJvrsG9uNT/+FyBNmozcPvA2qz60M4=
github.com/onsi/gomega v1.38.2 h1:eZCjf2xjZAqe+LeWvKb5weQ+NcPwX84kqJ0cZNxok2A=
github.com/onsi/gomega v1.38.2/go.mod h1:W2MJcYxRGV63b418Ai34Ud0hEdTVXq9NW9+Sx6uXf3k=
github.com/open-policy-agent/opa v1.11.1 h1:4bMlG6DjRZTRAswRyF+KUCgxHu1Gsk0h9EbZ4W9REvM=
github.com/open-policy-agent/opa v1.11.1/go.mod h1:QimuJO4T3KYxWzrmAymqlFvsIanCjKrGjmmC8GgAdgE=
github.com/opencloud-eu/go-micro-plugins/v4/store/nats-js-kv v0.0.0-20250512152754-23325793059a h1:Sakl76blJAaM6NxylVkgSzktjo2dS504iDotEFJsh3M=
github.com/opencloud-eu/go-micro-plugins/v4/store/nats-js-kv v0.0.0-20250512152754-23325793059a/go.mod h1:pjcozWijkNPbEtX5SIQaxEW/h8VAVZYTLx+70bmB3LY=
github.com/opencloud-eu/icap-client v0.0.0-20250930132611-28a2afe62d89 h1:W1ms+lP5lUUIzjRGDg93WrQfZJZCaV1ZP3KeyXi8bzY=
@@ -969,8 +967,8 @@ github.com/opencloud-eu/inotifywaitgo v0.0.0-20251111171128-a390bae3c5e9 h1:dIft
github.com/opencloud-eu/inotifywaitgo v0.0.0-20251111171128-a390bae3c5e9/go.mod h1:JWyDC6H+5oZRdUJUgKuaye+8Ph5hEs6HVzVoPKzWSGI=
github.com/opencloud-eu/libre-graph-api-go v1.0.8-0.20250724122329-41ba6b191e76 h1:vD/EdfDUrv4omSFjrinT8Mvf+8D7f9g4vgQ2oiDrVUI=
github.com/opencloud-eu/libre-graph-api-go v1.0.8-0.20250724122329-41ba6b191e76/go.mod h1:pzatilMEHZFT3qV7C/X3MqOa3NlRQuYhlRhZTL+hN6Q=
github.com/opencloud-eu/reva/v2 v2.41.1-0.20260120144836-2769c3c07a19 h1:8loHHe7FYd7zgIcGTlbHwre+bU/AAwREEYVd4SWM9/s=
github.com/opencloud-eu/reva/v2 v2.41.1-0.20260120144836-2769c3c07a19/go.mod h1:pv+w23JG0/qJweZbTzNNev//YEvlUML1L/2iXgKGkkg=
github.com/opencloud-eu/reva/v2 v2.41.1-0.20260107152322-93760b632993 h1:qWU0bKhD1wqQIq6giMTvUUbG1IlaT/lzchLDSjuedi0=
github.com/opencloud-eu/reva/v2 v2.41.1-0.20260107152322-93760b632993/go.mod h1:foXaMxugUi4TTRsK3AAXRAb/kyFd4A9k2+wNv+p+vbU=
github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U=
github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM=
github.com/opencontainers/image-spec v1.1.1 h1:y0fUlFfIZhPF1W537XOLg0/fcx6zcHCJwooC2xJA040=
@@ -1022,8 +1020,8 @@ github.com/power-devops/perfstat v0.0.0-20210106213030-5aafc221ea8c/go.mod h1:Om
github.com/pquerna/cachecontrol v0.2.0 h1:vBXSNuE5MYP9IJ5kjsdo8uq+w41jSPgvba2DEnkRx9k=
github.com/pquerna/cachecontrol v0.2.0/go.mod h1:NrUG3Z7Rdu85UNR3vm7SOsl1nFIeSiQnrHV5K9mBcUI=
github.com/pquerna/otp v1.3.0/go.mod h1:dkJfzwRKNiegxyNb54X/3fLwhCynbMspSyWKnvi1AEg=
github.com/prometheus/alertmanager v0.30.1 h1:427prmCHuy1rMmV7fl/TVQFh5A/78XQ/Mp+TsswZNGM=
github.com/prometheus/alertmanager v0.30.1/go.mod h1:93PBumcTLr/gNtNtM0m7BcCffbvYP5bKuLBWiOnISaA=
github.com/prometheus/alertmanager v0.30.0 h1:E4dnxSFXK8V2Bb8iqudlisTmaIrF3hRJSWnliG08tBM=
github.com/prometheus/alertmanager v0.30.0/go.mod h1:93PBumcTLr/gNtNtM0m7BcCffbvYP5bKuLBWiOnISaA=
github.com/prometheus/client_golang v0.8.0/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw=
github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw=
github.com/prometheus/client_golang v0.9.3-0.20190127221311-3c4408c8b829/go.mod h1:p2iRAGwDERtqlqzRXnrOVns+ignqQo//hLXqYxZYVNs=
@@ -1113,8 +1111,8 @@ github.com/scaleway/scaleway-sdk-go v1.0.0-beta.7.0.20210127161313-bd30bebeac4f/
github.com/sean-/seed v0.0.0-20170313163322-e2103e2c3529/go.mod h1:DxrIzT+xaE7yg65j358z/aeFdxmN0P9QXhEzd20vsDc=
github.com/segmentio/asm v1.2.1 h1:DTNbBqs57ioxAD4PrArqftgypG4/qNpXoJx8TVXxPR0=
github.com/segmentio/asm v1.2.1/go.mod h1:BqMnlJP91P8d+4ibuonYZw9mfnzI9HfxselHZr5aAcs=
github.com/segmentio/kafka-go v0.4.50 h1:mcyC3tT5WeyWzrFbd6O374t+hmcu1NKt2Pu1L3QaXmc=
github.com/segmentio/kafka-go v0.4.50/go.mod h1:Y1gn60kzLEEaW28YshXyk2+VCUKbJ3Qr6DrnT3i4+9E=
github.com/segmentio/kafka-go v0.4.49 h1:GJiNX1d/g+kG6ljyJEoi9++PUMdXGAxb7JGPiDCuNmk=
github.com/segmentio/kafka-go v0.4.49/go.mod h1:Y1gn60kzLEEaW28YshXyk2+VCUKbJ3Qr6DrnT3i4+9E=
github.com/segmentio/ksuid v1.0.4 h1:sBo2BdShXjmcugAMwjugoGUdUV0pcxY5mW4xKRn3v4c=
github.com/segmentio/ksuid v1.0.4/go.mod h1:/XUiZBD3kVx5SmUOl55voK5yeAbBNNIed+2O73XgrPE=
github.com/sercand/kuberesolver/v5 v5.1.1 h1:CYH+d67G0sGBj7q5wLK61yzqJJ8gLLC8aeprPTHb6yY=
@@ -1140,8 +1138,8 @@ github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPx
github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE=
github.com/sirupsen/logrus v1.6.0/go.mod h1:7uNnSEd1DgxDLC74fIahvMZmmYsHGZGEOFrfsX/uA88=
github.com/sirupsen/logrus v1.7.0/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0=
github.com/sirupsen/logrus v1.9.4 h1:TsZE7l11zFCLZnZ+teH4Umoq5BhEIfIzfRDZ1Uzql2w=
github.com/sirupsen/logrus v1.9.4/go.mod h1:ftWc9WdOfJ0a92nsE2jF5u5ZwH8Bv2zdeOC42RjbV2g=
github.com/sirupsen/logrus v1.9.4-0.20230606125235-dd1b4c2e81af h1:Sp5TG9f7K39yfB+If0vjp97vuT74F72r8hfRpP8jLU0=
github.com/sirupsen/logrus v1.9.4-0.20230606125235-dd1b4c2e81af/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ=
github.com/skeema/knownhosts v1.3.0 h1:AM+y0rI04VksttfwjkSTNQorvGqmwATnvnAHpSgc0LY=
github.com/skeema/knownhosts v1.3.0/go.mod h1:sPINvnADmT/qYH1kfv+ePMmOBTH6Tbl7b5LvTDjFK7M=
github.com/skratchdot/open-golang v0.0.0-20160302144031-75fb7ed4208c/go.mod h1:sUM3LWHvSMaG192sy56D9F7CNvL7jUJVXoqM1QKLnog=
@@ -1166,8 +1164,8 @@ github.com/spf13/cast v1.3.1/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkU
github.com/spf13/cast v1.10.0 h1:h2x0u2shc1QuLHfxi+cTJvs30+ZAHOGRic8uyGTDWxY=
github.com/spf13/cast v1.10.0/go.mod h1:jNfB8QC9IA6ZuY2ZjDp0KtFO2LZZlg4S/7bzP6qqeHo=
github.com/spf13/cobra v1.1.1/go.mod h1:WnodtKOvamDL/PwE2M4iKs8aMDBZ5Q5klgD3qfVJQMI=
github.com/spf13/cobra v1.10.2 h1:DMTTonx5m65Ic0GOoRY2c16WCbHxOOw6xxezuLaBpcU=
github.com/spf13/cobra v1.10.2/go.mod h1:7C1pvHqHw5A4vrJfjNwvOdzYu0Gml16OCs2GRiTUUS4=
github.com/spf13/cobra v1.10.1 h1:lJeBwCfmrnXthfAupyUTzJ/J4Nc1RsHC/mSRU2dll/s=
github.com/spf13/cobra v1.10.1/go.mod h1:7SmJGaTHFVBY0jW4NXGluQoLvhqFQM+6XSKD+P4XaB0=
github.com/spf13/jwalterweatherman v1.0.0/go.mod h1:cQK4TGJAtQXfYWX+Ddv3mKDzgVb68N+wFjFa4jdeBTo=
github.com/spf13/jwalterweatherman v1.1.0/go.mod h1:aNWZUN0dPAAO/Ljvb5BEdw96iTZ0EXowPYD95IqWIGo=
github.com/spf13/pflag v1.0.3/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4=
@@ -1226,8 +1224,8 @@ github.com/tidwall/pretty v1.2.1 h1:qjsOFOWWQl+N3RsoF5/ssm1pHmJJwhjlSbZ51I6wMl4=
github.com/tidwall/pretty v1.2.1/go.mod h1:ITEVvHYasfjBbM0u2Pg8T2nJnzm8xPwvNhhsoaGGjNU=
github.com/tidwall/sjson v1.2.5 h1:kLy8mja+1c9jlljvWTlSazM7cKDRfJuR/bOJhcY5NcY=
github.com/tidwall/sjson v1.2.5/go.mod h1:Fvgq9kS/6ociJEDnK0Fk1cpYF4FIW6ZF7LAe+6jwd28=
github.com/tinylib/msgp v1.6.1 h1:ESRv8eL3u+DNHUoSAAQRE50Hm162zqAnBoGv9PzScPY=
github.com/tinylib/msgp v1.6.1/go.mod h1:RSp0LW9oSxFut3KzESt5Voq4GVWyS+PSulT77roAqEA=
github.com/tinylib/msgp v1.3.0 h1:ULuf7GPooDaIlbyvgAxBV/FI7ynli6LZ1/nVUNu+0ww=
github.com/tinylib/msgp v1.3.0/go.mod h1:ykjzy2wzgrlvpDCRc4LA8UXy6D8bzMSuAF3WD57Gok0=
github.com/tklauser/go-sysconf v0.3.14 h1:g5vzr9iPFFz24v2KZXs/pvpvh8/V9Fw6vQK5ZZb78yU=
github.com/tklauser/go-sysconf v0.3.14/go.mod h1:1ym4lWMLUOhuBOPGtRcJm7tEGX4SCYNEEEtghGG/8uY=
github.com/tklauser/numcpus v0.8.0 h1:Mx4Wwe/FjZLeQsK/6kt2EOepwwSl7SmJrK5bV/dXYgY=
@@ -1313,10 +1311,10 @@ go.opentelemetry.io/auto/sdk v1.2.1 h1:jXsnJ4Lmnqd11kwkBV2LgLoFMZKizbCi5fNZ/ipaZ
go.opentelemetry.io/auto/sdk v1.2.1/go.mod h1:KRTj+aOaElaLi+wW1kO/DZRXwkF4C5xPbEe3ZiIhN7Y=
go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.64.0 h1:RN3ifU8y4prNWeEnQp2kRRHz8UwonAEYZl8tUzHEXAk=
go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.64.0/go.mod h1:habDz3tEWiFANTo6oUE99EmaFUrCNYAAg3wiVmusm70=
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.64.0 h1:ssfIgGNANqpVFCndZvcuyKbl0g+UAVcbBcqGkG28H0Y=
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.64.0/go.mod h1:GQ/474YrbE4Jx8gZ4q5I4hrhUzM6UPzyrqJYV2AqPoQ=
go.opentelemetry.io/contrib/zpages v0.64.0 h1:iMybqKVR8AHHxFX4DuEWJ9dY75+9E7+IPwUK3Ll7NxM=
go.opentelemetry.io/contrib/zpages v0.64.0/go.mod h1:DnkiyoQ7Yx/NmmKn10b6M2YBXreUqq0qhFa/kYgSZME=
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.63.0 h1:RbKq8BG0FI8OiXhBfcRtqqHcZcka+gU3cskNuf05R18=
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.63.0/go.mod h1:h06DGIukJOevXaj/xrNjhi/2098RZzcLTbc0jDAUbsg=
go.opentelemetry.io/contrib/zpages v0.63.0 h1:TppOKuZGbqXMgsfjqq3i09N5Vbo1JLtLImUqiTPGnX4=
go.opentelemetry.io/contrib/zpages v0.63.0/go.mod h1:5F8uugz75ay/MMhRRhxAXY33FuaI8dl7jTxefrIy5qk=
go.opentelemetry.io/otel v1.39.0 h1:8yPrr/S0ND9QEfTfdP9V+SiwT4E0G7Y5MO7p85nis48=
go.opentelemetry.io/otel v1.39.0/go.mod h1:kLlFTywNWrFyEdH0oj2xK0bFYZtHRYUdv1NklR/tgc8=
go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.39.0 h1:f0cb2XPmrqn4XMy9PNliTgRKJgS5WcL/u0/WRYGz4t0=
@@ -1325,8 +1323,8 @@ go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.39.0 h1:in9O8
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.39.0/go.mod h1:Rp0EXBm5tfnv0WL+ARyO/PHBEaEAT8UUHQ6AGJcSq6c=
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.38.0 h1:aTL7F04bJHUlztTsNGJ2l+6he8c+y/b//eR0jjjemT4=
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.38.0/go.mod h1:kldtb7jDTeol0l3ewcmd8SDvx3EmIE7lyvqbasU3QC4=
go.opentelemetry.io/otel/exporters/stdout/stdouttrace v1.39.0 h1:8UPA4IbVZxpsD76ihGOQiFml99GPAEZLohDXvqHdi6U=
go.opentelemetry.io/otel/exporters/stdout/stdouttrace v1.39.0/go.mod h1:MZ1T/+51uIVKlRzGw1Fo46KEWThjlCBZKl2LzY5nv4g=
go.opentelemetry.io/otel/exporters/stdout/stdouttrace v1.38.0 h1:kJxSDN4SgWWTjG/hPp3O7LCGLcHXFlvS2/FFOrwL+SE=
go.opentelemetry.io/otel/exporters/stdout/stdouttrace v1.38.0/go.mod h1:mgIOzS7iZeKJdeB8/NYHrJ48fdGc71Llo5bJ1J4DWUE=
go.opentelemetry.io/otel/metric v1.39.0 h1:d1UzonvEZriVfpNKEVmHXbdf909uGTOQjA0HF0Ls5Q0=
go.opentelemetry.io/otel/metric v1.39.0/go.mod h1:jrZSWL33sD7bBxg1xjrqyDjnuzTUB0x1nBERXd7Ftcs=
go.opentelemetry.io/otel/sdk v1.39.0 h1:nMLYcjVsvdui1B/4FRkwjzoRVsMK8uL/cj0OyhKzt18=
@@ -1377,8 +1375,8 @@ golang.org/x/crypto v0.14.0/go.mod h1:MVFd36DqK4CsrnJYDkBA3VC4m2GkXAM0PvzMCn4JQf
golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU=
golang.org/x/crypto v0.21.0/go.mod h1:0BP7YvVV9gBbVKyeTG0Gyn+gZm94bibOW5BjDEYAOMs=
golang.org/x/crypto v0.23.0/go.mod h1:CKFgDieR+mRhux2Lsu27y0fO304Db0wZe70UKqHu0v8=
golang.org/x/crypto v0.47.0 h1:V6e3FRj+n4dbpw86FJ8Fv7XVOql7TEwpHapKoMJ/GO8=
golang.org/x/crypto v0.47.0/go.mod h1:ff3Y9VzzKbwSSEzWqJsJVBnWmRwRSHt/6Op5n9bQc4A=
golang.org/x/crypto v0.46.0 h1:cKRW/pmt1pKAfetfu+RCEvjvZkA9RimPbh7bhFjGVBU=
golang.org/x/crypto v0.46.0/go.mod h1:Evb/oLKmMraqjZ2iQTwDwvCtJkczlDuTmdJXoZVzqU0=
golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8=
@@ -1394,8 +1392,8 @@ golang.org/x/exp v0.0.0-20250210185358-939b2ce775ac/go.mod h1:hH+7mtFmImwwcMvScy
golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js=
golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0=
golang.org/x/image v0.18.0/go.mod h1:4yyo5vMFQjVjUcVk4jEQcU9MGy/rulF5WvUILseCM2E=
golang.org/x/image v0.35.0 h1:LKjiHdgMtO8z7Fh18nGY6KDcoEtVfsgLDPeLyguqb7I=
golang.org/x/image v0.35.0/go.mod h1:MwPLTVgvxSASsxdLzKrl8BRFuyqMyGhLwmC+TO1Sybk=
golang.org/x/image v0.34.0 h1:33gCkyw9hmwbZJeZkct8XyR11yH889EQt/QH4VmXMn8=
golang.org/x/image v0.34.0/go.mod h1:2RNFBZRB+vnwwFil8GkMdRvrJOFd1AzdZI6vOY+eJVU=
golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU=
golang.org/x/lint v0.0.0-20190301231843-5614ed5bae6f/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
@@ -1420,8 +1418,8 @@ golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
golang.org/x/mod v0.12.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
golang.org/x/mod v0.15.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
golang.org/x/mod v0.17.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
golang.org/x/mod v0.31.0 h1:HaW9xtz0+kOcWKwli0ZXy79Ix+UW/vOfmWI5QVd2tgI=
golang.org/x/mod v0.31.0/go.mod h1:43JraMp9cGx1Rx3AqioxrbrhNsLl2l/iNAvuBkrezpg=
golang.org/x/mod v0.30.0 h1:fDEXFVZ/fmCKProc/yAXXUijritrDzahmwwefnjoPFk=
golang.org/x/mod v0.30.0/go.mod h1:lAsf5O2EvJeSFMiBxXDki7sCgAxEUcZHXoXMKT4GJKc=
golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
@@ -1464,6 +1462,7 @@ golang.org/x/net v0.0.0-20201110031124-69a78807bb2b/go.mod h1:sp8m0HH+o8qH0wwXwY
golang.org/x/net v0.0.0-20210220033124-5f55cee0dc0d/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
golang.org/x/net v0.0.0-20210525063256-abc453219eb5/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
golang.org/x/net v0.0.0-20211029224645-99673261e6eb/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
golang.org/x/net v0.0.0-20220127200216-cd36cc0744dd/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk=
golang.org/x/net v0.0.0-20220225172249-27dd8689420f/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk=
@@ -1474,8 +1473,8 @@ golang.org/x/net v0.15.0/go.mod h1:idbUs1IY1+zTqbi8yxTbhexhEEk5ur9LInksu6HrEpk=
golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44=
golang.org/x/net v0.23.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg=
golang.org/x/net v0.25.0/go.mod h1:JkAGAh7GEvH74S6FOH42FLoXpXbE/aqXSrIQjXgsiwM=
golang.org/x/net v0.49.0 h1:eeHFmOGUTtaaPSGNmjBKpbng9MulQsJURQUAfUwY++o=
golang.org/x/net v0.49.0/go.mod h1:/ysNB2EvaqvesRkuLAyjI1ycPZlQHM3q01F02UY/MV8=
golang.org/x/net v0.48.0 h1:zyQRTTrjc33Lhh0fBgT/H3oZq9WuvRR5gPC70xpDiQU=
golang.org/x/net v0.48.0/go.mod h1:+ndRgGjkh8FGtu1w1FGbEC31if4VrNVMuKTgcAAnQRY=
golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
@@ -1587,8 +1586,8 @@ golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/sys v0.18.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/sys v0.20.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/sys v0.21.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/sys v0.40.0 h1:DBZZqJ2Rkml6QMQsZywtnjnnGvHza6BTfYFWY9kjEWQ=
golang.org/x/sys v0.40.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks=
golang.org/x/sys v0.39.0 h1:CvCKL8MeisomCi6qNZ+wbb0DN9E5AATixKsvNtMoMFk=
golang.org/x/sys v0.39.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks=
golang.org/x/telemetry v0.0.0-20240228155512-f48c80bd79b2/go.mod h1:TeRTkGYfJXctD9OcfyVLyj2J3IxLnKwHJR8f4D8a3YE=
golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw=
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
@@ -1600,8 +1599,8 @@ golang.org/x/term v0.13.0/go.mod h1:LTmsnFJwVN6bCy1rVCoS+qHT1HhALEFxKncY3WNNh4U=
golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk=
golang.org/x/term v0.18.0/go.mod h1:ILwASektA3OnRv7amZ1xhE/KTR+u50pbXfZ03+6Nx58=
golang.org/x/term v0.20.0/go.mod h1:8UkIAJTvZgivsXaD6/pH6U9ecQzZ45awqEOzuCvwpFY=
golang.org/x/term v0.39.0 h1:RclSuaJf32jOqZz74CkPA9qFuVTX7vhLlpfj/IGWlqY=
golang.org/x/term v0.39.0/go.mod h1:yxzUCTP/U+FzoxfdKmLaA0RV1WgE0VY7hXBwKtY/4ww=
golang.org/x/term v0.38.0 h1:PQ5pkm/rLO6HnxFR7N2lJHOZX6Kez5Y1gDSJla6jo7Q=
golang.org/x/term v0.38.0/go.mod h1:bSEAKrOT1W+VSu9TSCMtoGEOUcKxOKgl3LE5QEF/xVg=
golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
@@ -1616,8 +1615,8 @@ golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
golang.org/x/text v0.15.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
golang.org/x/text v0.16.0/go.mod h1:GhwF1Be+LQoKShO3cGOHzqOgRrGaYc9AvblQOmPVHnI=
golang.org/x/text v0.33.0 h1:B3njUFyqtHDUI5jMn1YIr5B0IE2U0qck04r6d4KPAxE=
golang.org/x/text v0.33.0/go.mod h1:LuMebE6+rBincTi9+xWTY8TztLzKHc/9C1uBCG27+q8=
golang.org/x/text v0.32.0 h1:ZD01bjUt1FQ9WJ0ClOL5vxgxOI/sVCNgX1YtKwcY0mU=
golang.org/x/text v0.32.0/go.mod h1:o/rUWzghvpD5TXrTIBuJU77MTaN0ljMWE47kxGJQ7jY=
golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
@@ -1680,8 +1679,8 @@ golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc
golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU=
golang.org/x/tools v0.13.0/go.mod h1:HvlwmtVNQAhOuCjW7xxvovg8wbNq7LwfXh/k7wXUl58=
golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d/go.mod h1:aiJjzUbINMkxbQROHiO6hDPo2LHcIPhhQsa9DLh0yGk=
golang.org/x/tools v0.40.0 h1:yLkxfA+Qnul4cs9QA3KnlFu0lVmd8JJfoq+E41uSutA=
golang.org/x/tools v0.40.0/go.mod h1:Ik/tzLRlbscWpqqMRjyWYDisX8bG13FrdXp3o4Sr9lc=
golang.org/x/tools v0.39.0 h1:ik4ho21kwuQln40uelmciQPp9SipgNDdrafrYA4TmQQ=
golang.org/x/tools v0.39.0/go.mod h1:JnefbkDPyD8UU2kI5fuf8ZX4/yUeh9W877ZeBONxUqQ=
golang.org/x/tools/godoc v0.1.0-deprecated h1:o+aZ1BOj6Hsx/GBdJO/s815sqftjSnrZZwyYTHODvtk=
golang.org/x/tools/godoc v0.1.0-deprecated/go.mod h1:qM63CriJ961IHWmnWa9CjZnBndniPt4a3CK0PVB9bIg=
golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
@@ -1745,10 +1744,10 @@ google.golang.org/genproto v0.0.0-20200804131852-c06518451d9c/go.mod h1:FWY/as6D
google.golang.org/genproto v0.0.0-20200825200019-8632dd797987/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
google.golang.org/genproto v0.0.0-20250303144028-a0af3efb3deb h1:ITgPrl429bc6+2ZraNSzMDk3I95nmQln2fuPstKwFDE=
google.golang.org/genproto v0.0.0-20250303144028-a0af3efb3deb/go.mod h1:sAo5UzpjUwgFBCzupwhcLcxHVDK7vG5IqI30YnwX2eE=
google.golang.org/genproto/googleapis/api v0.0.0-20260120221211-b8f7ae30c516 h1:vmC/ws+pLzWjj/gzApyoZuSVrDtF1aod4u/+bbj8hgM=
google.golang.org/genproto/googleapis/api v0.0.0-20260120221211-b8f7ae30c516/go.mod h1:p3MLuOwURrGBRoEyFHBT3GjUwaCQVKeNqqWxlcISGdw=
google.golang.org/genproto/googleapis/rpc v0.0.0-20260120221211-b8f7ae30c516 h1:sNrWoksmOyF5bvJUcnmbeAmQi8baNhqg5IWaI3llQqU=
google.golang.org/genproto/googleapis/rpc v0.0.0-20260120221211-b8f7ae30c516/go.mod h1:j9x/tPzZkyxcgEFkiKEEGxfvyumM01BEtsW8xzOahRQ=
google.golang.org/genproto/googleapis/api v0.0.0-20251202230838-ff82c1b0f217 h1:fCvbg86sFXwdrl5LgVcTEvNC+2txB5mgROGmRL5mrls=
google.golang.org/genproto/googleapis/api v0.0.0-20251202230838-ff82c1b0f217/go.mod h1:+rXWjjaukWZun3mLfjmVnQi18E1AsFbDN9QdJ5YXLto=
google.golang.org/genproto/googleapis/rpc v0.0.0-20251202230838-ff82c1b0f217 h1:gRkg/vSppuSQoDjxyiGfN4Upv/h/DQmIR10ZU8dh4Ww=
google.golang.org/genproto/googleapis/rpc v0.0.0-20251202230838-ff82c1b0f217/go.mod h1:7i2o+ce6H/6BluujYR+kqX3GKH+dChPTQU19wjRPiGk=
google.golang.org/grpc v1.17.0/go.mod h1:6QZJwpn2B+Zp71q/5VxRsJ6NXXVCE5NRUHRo+f3cWCs=
google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c=
google.golang.org/grpc v1.19.1/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c=

14
pkg/log/config.go
View File

@@ -1,14 +0,0 @@
package log
import "github.com/opencloud-eu/opencloud/pkg/shared"
// Configure initializes a service-specific logger instance.
func Configure(name string, commons *shared.Commons, localServiceLogLevel string) Logger {
return NewLogger(
Name(name),
Level(localServiceLogLevel),
Pretty(commons.Log.Pretty),
Color(commons.Log.Color),
File(commons.Log.File),
)
}

12
pkg/markdown/markdown.go
View File

@@ -5,7 +5,6 @@ import (
"bytes"
"fmt"
"io"
"regexp"
"strings"
)
@@ -78,7 +77,7 @@ func (md MD) WriteToc(w io.Writer) (int64, error) {
// main title not in toc
continue
}
link := fmt.Sprintf("#%s", toAnchor(h.Header))
link := fmt.Sprintf("#%s", strings.ToLower(strings.Replace(h.Header, " ", "-", -1)))
s := fmt.Sprintf("%s* [%s](%s)\n", strings.Repeat(" ", h.Level-2), h.Header, link)
n, err := w.Write([]byte(s))
if err != nil {
@@ -138,12 +137,3 @@ func headingFromString(s string) Heading {
Header: strings.TrimPrefix(con, " "),
}
}
func toAnchor(header string) string {
// Remove everything except letters, numbers, and spaces
reg := regexp.MustCompile(`[^a-zA-Z0-9 ]+`)
anchor := reg.ReplaceAllString(header, "")
// Replace spaces with hyphens and convert to lowercase
anchor = strings.ReplaceAll(anchor, " ", "-")
return strings.ToLower(anchor)
}

20
pkg/nats/options.go Normal file
View File

@@ -0,0 +1,20 @@
package nats
import (
"crypto/tls"
"github.com/nats-io/nats.go"
)
func Secure(enableTLS, insecure bool, rootCA string) nats.Option {
if enableTLS {
if rootCA != "" {
return nats.RootCAs(rootCA)
}
return nats.Secure(&tls.Config{
MinVersion: tls.VersionTLS12,
InsecureSkipVerify: insecure,
})
}
return nil
}

19
pkg/shared/shared_types.go
View File

@@ -48,14 +48,17 @@ type HTTPServiceTLS struct {
}
type Cache struct {
Store string `yaml:"store" env:"OC_CACHE_STORE" desc:"The type of the cache store. Supported values are: 'memory', 'redis-sentinel', 'nats-js-kv', 'noop'. See the text description for details." introductionVersion:"1.0.0"`
Nodes []string `yaml:"nodes" env:"OC_CACHE_STORE_NODES" desc:"A comma separated list of nodes to access the configured store. This has no effect when 'memory' store is configured. Note that the behaviour how nodes are used is dependent on the library of the configured store." introductionVersion:"1.0.0"`
Database string `yaml:"database" env:"OC_CACHE_STORE_DATABASE" desc:"The database name the configured store should use." introductionVersion:"1.0.0"`
Table string `yaml:"table" env:"OC_CACHE_STORE_TABLE" desc:"The database table the store should use." introductionVersion:"1.0.0"`
TTL time.Duration `yaml:"ttl" env:"OC_CACHE_TTL" desc:"Time to live for events in the store. The duration can be set as number followed by a unit identifier like s, m or h." introductionVersion:"1.0.0"`
DisablePersistence bool `yaml:"disable_persistence" env:"OC_CACHE_DISABLE_PERSISTENCE" desc:"Disables persistence of the cache. Only applies when store type 'nats-js-kv' is configured. Defaults to false." introductionVersion:"1.0.0"`
AuthUsername string `yaml:"auth_username" env:"OC_CACHE_AUTH_USERNAME" desc:"The username to use for authentication. Only applies when store type 'nats-js-kv' is configured." introductionVersion:"1.0.0"`
AuthPassword string `yaml:"auth_password" env:"OC_CACHE_AUTH_PASSWORD" desc:"The password to use for authentication. Only applies when store type 'nats-js-kv' is configured." introductionVersion:"1.0.0"`
Store string `yaml:"store" env:"OC_CACHE_STORE" desc:"The type of the cache store. Supported values are: 'memory', 'redis-sentinel', 'nats-js-kv', 'noop'. See the text description for details." introductionVersion:"1.0.0"`
Nodes []string `yaml:"nodes" env:"OC_CACHE_STORE_NODES" desc:"A comma separated list of nodes to access the configured store. This has no effect when 'memory' store is configured. Note that the behaviour how nodes are used is dependent on the library of the configured store." introductionVersion:"1.0.0"`
Database string `yaml:"database" env:"OC_CACHE_STORE_DATABASE" desc:"The database name the configured store should use." introductionVersion:"1.0.0"`
Table string `yaml:"table" env:"OC_CACHE_STORE_TABLE" desc:"The database table the store should use." introductionVersion:"1.0.0"`
TTL time.Duration `yaml:"ttl" env:"OC_CACHE_TTL" desc:"Time to live for events in the store. The duration can be set as number followed by a unit identifier like s, m or h." introductionVersion:"1.0.0"`
DisablePersistence bool `yaml:"disable_persistence" env:"OC_CACHE_DISABLE_PERSISTENCE" desc:"Disables persistence of the cache. Only applies when store type 'nats-js-kv' is configured. Defaults to false." introductionVersion:"1.0.0"`
AuthUsername string `yaml:"auth_username" env:"OC_CACHE_AUTH_USERNAME" desc:"The username to use for authentication. Only applies when store type 'nats-js-kv' is configured." introductionVersion:"1.0.0"`
AuthPassword string `yaml:"auth_password" env:"OC_CACHE_AUTH_PASSWORD" desc:"The password to use for authentication. Only applies when store type 'nats-js-kv' is configured." introductionVersion:"1.0.0"`
EnableTLS bool `yaml:"enable_tls" env:"OC_CACHE_ENABLE_TLS" desc:"Enable TLS for the connection to file metadata cache." introductionVersion:"%%NEXT%%"`
TLSInsecure bool `yaml:"tls_insecure" env:"OC_INSECURE;OC_CACHE_TLS_INSECURE" desc:"Whether to verify the server TLS certificates." introductionVersion:"%%NEXT%%"`
TLSRootCACertificate string `yaml:"tls_root_ca_certificate" env:"OC_CACHE_TLS_ROOT_CA_CERTIFICATE" desc:"The root CA certificate used to validate the server's TLS certificate. If provided OC_CACHE_TLS_INSECURE will be seen as false." introductionVersion:"%%NEXT%%"`
}
// Commons holds configuration that are common to all extensions. Each extension can then decide whether

16
services/activitylog/pkg/command/server.go
View File

@@ -5,13 +5,10 @@ import (
"fmt"
"github.com/oklog/run"
"github.com/opencloud-eu/opencloud/pkg/log"
"github.com/opencloud-eu/reva/v2/pkg/events"
"github.com/opencloud-eu/reva/v2/pkg/events/stream"
"github.com/opencloud-eu/reva/v2/pkg/rgrpc/todo/pool"
"github.com/opencloud-eu/reva/v2/pkg/store"
"github.com/spf13/cobra"
microstore "go-micro.dev/v4/store"
"github.com/opencloud-eu/opencloud/pkg/config/configlog"
"github.com/opencloud-eu/opencloud/pkg/generators"
@@ -23,6 +20,7 @@ import (
settingssvc "github.com/opencloud-eu/opencloud/protogen/gen/opencloud/services/settings/v0"
"github.com/opencloud-eu/opencloud/services/activitylog/pkg/config"
"github.com/opencloud-eu/opencloud/services/activitylog/pkg/config/parser"
"github.com/opencloud-eu/opencloud/services/activitylog/pkg/logging"
"github.com/opencloud-eu/opencloud/services/activitylog/pkg/metrics"
"github.com/opencloud-eu/opencloud/services/activitylog/pkg/server/debug"
"github.com/opencloud-eu/opencloud/services/activitylog/pkg/server/http"
@@ -55,7 +53,7 @@ func Server(cfg *config.Config) *cobra.Command {
return configlog.ReturnFatal(parser.ParseConfig(cfg))
},
RunE: func(cmd *cobra.Command, args []string) error {
logger := log.Configure(cfg.Service.Name, cfg.Commons, cfg.LogLevel)
logger := logging.Configure(cfg.Service.Name, cfg.Log)
tracerProvider, err := tracing.GetTraceProvider(cmd.Context(), cfg.Commons.TracesExporter, cfg.Service.Name)
if err != nil {
logger.Error().Err(err).Msg("Failed to initialize tracer")
@@ -77,15 +75,6 @@ func Server(cfg *config.Config) *cobra.Command {
return err
}
evStore := store.Create(
store.Store(cfg.Store.Store),
store.TTL(cfg.Store.TTL),
microstore.Nodes(cfg.Store.Nodes...),
microstore.Database(cfg.Store.Database),
microstore.Table(cfg.Store.Table),
store.Authentication(cfg.Store.AuthUsername, cfg.Store.AuthPassword),
)
tm, err := pool.StringToTLSMode(cfg.GRPCClientTLS.Mode)
if err != nil {
logger.Error().Err(err).Msg("Failed to parse tls mode")
@@ -120,7 +109,6 @@ func Server(cfg *config.Config) *cobra.Command {
http.Context(ctx), // NOTE: not passing this "option" leads to a panic in go-micro
http.TraceProvider(tracerProvider),
http.Stream(evStream),
http.Store(evStore),
http.GatewaySelector(gatewaySelector),
http.HistoryClient(hClient),
http.ValueClient(vClient),

19
services/activitylog/pkg/config/config.go
View File

@@ -13,8 +13,7 @@ type Config struct {
Service Service `yaml:"-"`
LogLevel string `yaml:"loglevel" env:"OC_LOG_LEVEL;ACTIVITYLOG_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"1.0.0"`
Log *Log `yaml:"log"`
Debug Debug `yaml:"debug"`
Events Events `yaml:"events"`
@@ -50,13 +49,15 @@ type Events struct {
// Store configures the store to use
type Store struct {
Store string `yaml:"store" env:"OC_PERSISTENT_STORE;ACTIVITYLOG_STORE" desc:"The type of the store. Supported values are: 'memory', 'nats-js-kv', 'redis-sentinel', 'noop'. See the text description for details." introductionVersion:"1.0.0"`
Nodes []string `yaml:"nodes" env:"OC_PERSISTENT_STORE_NODES;ACTIVITYLOG_STORE_NODES" desc:"A list of nodes to access the configured store. This has no effect when 'memory' store is configured. Note that the behaviour how nodes are used is dependent on the library of the configured store. See the Environment Variable Types description for more details." introductionVersion:"1.0.0"`
Database string `yaml:"database" env:"ACTIVITYLOG_STORE_DATABASE" desc:"The database name the configured store should use." introductionVersion:"1.0.0"`
Table string `yaml:"table" env:"ACTIVITYLOG_STORE_TABLE" desc:"The database table the store should use." introductionVersion:"1.0.0"`
TTL time.Duration `yaml:"ttl" env:"OC_PERSISTENT_STORE_TTL;ACTIVITYLOG_STORE_TTL" desc:"Time to live for events in the store. See the Environment Variable Types description for more details." introductionVersion:"1.0.0"`
AuthUsername string `yaml:"username" env:"OC_PERSISTENT_STORE_AUTH_USERNAME;ACTIVITYLOG_STORE_AUTH_USERNAME" desc:"The username to authenticate with the store. Only applies when store type 'nats-js-kv' is configured." introductionVersion:"1.0.0"`
AuthPassword string `yaml:"password" env:"OC_PERSISTENT_STORE_AUTH_PASSWORD;ACTIVITYLOG_STORE_AUTH_PASSWORD" desc:"The password to authenticate with the store. Only applies when store type 'nats-js-kv' is configured." introductionVersion:"1.0.0"`
Store string `yaml:"store" env:"OC_PERSISTENT_STORE;ACTIVITYLOG_STORE" desc:"The type of the store. Supported values are: 'memory', 'nats-js-kv', 'redis-sentinel', 'noop'. See the text description for details." introductionVersion:"1.0.0"`
Nodes []string `yaml:"nodes" env:"OC_PERSISTENT_STORE_NODES;ACTIVITYLOG_STORE_NODES" desc:"A list of nodes to access the configured store. This has no effect when 'memory' store is configured. Note that the behaviour how nodes are used is dependent on the library of the configured store. See the Environment Variable Types description for more details." introductionVersion:"1.0.0"`
Database string `yaml:"database" env:"ACTIVITYLOG_STORE_DATABASE" desc:"The database name the configured store should use." introductionVersion:"1.0.0"`
TTL time.Duration `yaml:"ttl" env:"OC_PERSISTENT_STORE_TTL;ACTIVITYLOG_STORE_TTL" desc:"Time to live for events in the store. See the Environment Variable Types description for more details." introductionVersion:"1.0.0"`
AuthUsername string `yaml:"username" env:"OC_PERSISTENT_STORE_AUTH_USERNAME;ACTIVITYLOG_STORE_AUTH_USERNAME" desc:"The username to authenticate with the store. Only applies when store type 'nats-js-kv' is configured." introductionVersion:"1.0.0"`
AuthPassword string `yaml:"password" env:"OC_PERSISTENT_STORE_AUTH_PASSWORD;ACTIVITYLOG_STORE_AUTH_PASSWORD" desc:"The password to authenticate with the store. Only applies when store type 'nats-js-kv' is configured." introductionVersion:"1.0.0"`
EnableTLS bool `yaml:"enable_tls" env:"OC_PERSISTENT_STORE_ENABLE_TLS;ACTIVITYLOG_STORE_ENABLE_TLS" desc:"Enable TLS for the connection to the store. Only applies when store type 'nats-js-kv' is configured." introductionVersion:"%%NEXT%%"`
TLSInsecure bool `yaml:"tls_insecure" env:"OC_INSECURE;OC_PERSISTENT_STORE_TLS_INSECURE;ACTIVITYLOG_STORE_TLS_INSECURE" desc:"Whether to verify the server TLS certificates." introductionVersion:"%%NEXT%%"`
TLSRootCACertificate string `yaml:"tls_root_ca_certificate" env:"OC_PERSISTENT_STORE_TLS_ROOT_CA_CERTIFICATE;ACTIVITYLOG_STORE_TLS_ROOT_CA_CERTIFICATE" desc:"The root CA certificate used to validate the server's TLS certificate. If provided ACTIVITYLOG_STORE_TLS_INSECURE will be seen as false." introductionVersion:"%%NEXT%%"`
}
// ServiceAccount is the configuration for the used service account

14
services/activitylog/pkg/config/defaults/defaultconfig.go
View File

@@ -37,7 +37,6 @@ func DefaultConfig() *config.Config {
Store: "nats-js-kv",
Nodes: []string{"127.0.0.1:9233"},
Database: "activitylog",
Table: "",
},
RevaGateway: shared.DefaultRevaConfig().Address,
DefaultLanguage: "en",
@@ -59,9 +58,18 @@ func DefaultConfig() *config.Config {
// EnsureDefaults ensures the config contains default values
func EnsureDefaults(cfg *config.Config) {
if cfg.LogLevel == "" {
cfg.LogLevel = "error"
// provide with defaults for shared logging, since we need a valid destination address for "envdecode".
if cfg.Log == nil && cfg.Commons != nil && cfg.Commons.Log != nil {
cfg.Log = &config.Log{
Level: cfg.Commons.Log.Level,
Pretty: cfg.Commons.Log.Pretty,
Color: cfg.Commons.Log.Color,
File: cfg.Commons.Log.File,
}
} else if cfg.Log == nil {
cfg.Log = &config.Log{}
}
if cfg.GRPCClientTLS == nil && cfg.Commons != nil {
cfg.GRPCClientTLS = structs.CopyOrZeroValue(cfg.Commons.GRPCClientTLS)
}

9
services/activitylog/pkg/config/log.go Normal file
View File

@@ -0,0 +1,9 @@
package config
// Log defines the available log configuration.
type Log struct {
Level string `mapstructure:"level" env:"OC_LOG_LEVEL;ACTIVITYLOG_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"1.0.0"`
Pretty bool `mapstructure:"pretty" env:"OC_LOG_PRETTY;ACTIVITYLOG_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"1.0.0"`
Color bool `mapstructure:"color" env:"OC_LOG_COLOR;ACTIVITYLOG_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"1.0.0"`
File string `mapstructure:"file" env:"OC_LOG_FILE;ACTIVITYLOG_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"1.0.0"`
}

17
services/activitylog/pkg/logging/logging.go Normal file
View File

@@ -0,0 +1,17 @@
package logging
import (
"github.com/opencloud-eu/opencloud/pkg/log"
"github.com/opencloud-eu/opencloud/services/activitylog/pkg/config"
)
// Configure initializes a service-specific logger instance.
func Configure(name string, cfg *config.Log) log.Logger {
return log.NewLogger(
log.Name(name),
log.Level(cfg.Level),
log.Pretty(cfg.Pretty),
log.Color(cfg.Color),
log.File(cfg.File),
)
}

8
services/activitylog/pkg/server/debug/server.go
View File

@@ -5,6 +5,7 @@ import (
"github.com/opencloud-eu/opencloud/pkg/checks"
"github.com/opencloud-eu/opencloud/pkg/handlers"
"github.com/opencloud-eu/opencloud/pkg/nats"
"github.com/opencloud-eu/opencloud/pkg/service/debug"
"github.com/opencloud-eu/opencloud/pkg/version"
)
@@ -17,8 +18,13 @@ func Server(opts ...Option) (*http.Server, error) {
WithLogger(options.Logger).
WithCheck("http reachability", checks.NewHTTPCheck(options.Config.HTTP.Addr))
secureOption := nats.Secure(
options.Config.Events.EnableTLS,
options.Config.Events.TLSInsecure,
options.Config.Events.TLSRootCACertificate,
)
readyHandlerConfiguration := healthHandlerConfiguration.
WithCheck("nats reachability", checks.NewNatsCheck(options.Config.Events.Endpoint))
WithCheck("nats reachability", checks.NewNatsCheck(options.Config.Events.Endpoint, secureOption))
return debug.NewService(
debug.Logger(options.Logger),

1
services/activitylog/pkg/server/http/server.go
View File

@@ -81,7 +81,6 @@ func Server(opts ...Option) (http.Service, error) {
svc.Logger(options.Logger),
svc.Stream(options.Stream),
svc.Mux(mux),
svc.Store(options.Store),
svc.Config(options.Config),
svc.GatewaySelector(options.GatewaySelector),
svc.TraceProvider(options.TraceProvider),

2
services/activitylog/pkg/service/l10n/locale/ca/LC_MESSAGES/activitylog.po
View File

@@ -11,7 +11,7 @@ msgid ""
msgstr ""
"Project-Id-Version: \n"
"Report-Msgid-Bugs-To: EMAIL\n"
"POT-Creation-Date: 2026-01-09 00:08+0000\n"
"POT-Creation-Date: 2025-12-20 00:05+0000\n"
"PO-Revision-Date: 2025-01-27 10:17+0000\n"
"Last-Translator: Ivan Fustero, 2025\n"
"Language-Team: Catalan (https://app.transifex.com/opencloud-eu/teams/204053/ca/)\n"

2
services/activitylog/pkg/service/l10n/locale/de/LC_MESSAGES/activitylog.po
View File

@@ -11,7 +11,7 @@ msgid ""
msgstr ""
"Project-Id-Version: \n"
"Report-Msgid-Bugs-To: EMAIL\n"
"POT-Creation-Date: 2026-01-09 00:08+0000\n"
"POT-Creation-Date: 2025-12-20 00:05+0000\n"
"PO-Revision-Date: 2025-01-27 10:17+0000\n"
"Last-Translator: Jörn Friedrich Dreyer <jfd@butonic.de>, 2025\n"
"Language-Team: German (https://app.transifex.com/opencloud-eu/teams/204053/de/)\n"

2
services/activitylog/pkg/service/l10n/locale/es/LC_MESSAGES/activitylog.po
View File

@@ -11,7 +11,7 @@ msgid ""
msgstr ""
"Project-Id-Version: \n"
"Report-Msgid-Bugs-To: EMAIL\n"
"POT-Creation-Date: 2026-01-09 00:08+0000\n"
"POT-Creation-Date: 2025-12-20 00:05+0000\n"
"PO-Revision-Date: 2025-01-27 10:17+0000\n"
"Last-Translator: Elías Martín, 2025\n"
"Language-Team: Spanish (https://app.transifex.com/opencloud-eu/teams/204053/es/)\n"

2
services/activitylog/pkg/service/l10n/locale/fi/LC_MESSAGES/activitylog.po
View File

@@ -11,7 +11,7 @@ msgid ""
msgstr ""
"Project-Id-Version: \n"
"Report-Msgid-Bugs-To: EMAIL\n"
"POT-Creation-Date: 2026-01-25 00:11+0000\n"
"POT-Creation-Date: 2026-01-05 00:06+0000\n"
"PO-Revision-Date: 2025-01-27 10:17+0000\n"
"Last-Translator: Jiri Grönroos <jiri.gronroos@iki.fi>, 2025\n"
"Language-Team: Finnish (https://app.transifex.com/opencloud-eu/teams/204053/fi/)\n"

2
services/activitylog/pkg/service/l10n/locale/fr/LC_MESSAGES/activitylog.po
View File

@@ -11,7 +11,7 @@ msgid ""
msgstr ""
"Project-Id-Version: \n"
"Report-Msgid-Bugs-To: EMAIL\n"
"POT-Creation-Date: 2026-01-09 00:08+0000\n"
"POT-Creation-Date: 2025-12-20 00:05+0000\n"
"PO-Revision-Date: 2025-01-27 10:17+0000\n"
"Last-Translator: eric_G <junk.eg@free.fr>, 2025\n"
"Language-Team: French (https://app.transifex.com/opencloud-eu/teams/204053/fr/)\n"

2
services/activitylog/pkg/service/l10n/locale/it/LC_MESSAGES/activitylog.po
View File

@@ -11,7 +11,7 @@ msgid ""
msgstr ""
"Project-Id-Version: \n"
"Report-Msgid-Bugs-To: EMAIL\n"
"POT-Creation-Date: 2026-01-09 00:08+0000\n"
"POT-Creation-Date: 2025-12-20 00:05+0000\n"
"PO-Revision-Date: 2025-01-27 10:17+0000\n"
"Last-Translator: Simone Broglia, 2025\n"
"Language-Team: Italian (https://app.transifex.com/opencloud-eu/teams/204053/it/)\n"

2
services/activitylog/pkg/service/l10n/locale/ko/LC_MESSAGES/activitylog.po
View File

@@ -12,7 +12,7 @@ msgid ""
msgstr ""
"Project-Id-Version: \n"
"Report-Msgid-Bugs-To: EMAIL\n"
"POT-Creation-Date: 2026-01-09 00:08+0000\n"
"POT-Creation-Date: 2025-12-20 00:05+0000\n"
"PO-Revision-Date: 2025-01-27 10:17+0000\n"
"Last-Translator: Junghyuk Kwon <kwon@junghy.uk>, 2025\n"
"Language-Team: Korean (https://app.transifex.com/opencloud-eu/teams/204053/ko/)\n"

2
services/activitylog/pkg/service/l10n/locale/nl/LC_MESSAGES/activitylog.po
View File

@@ -11,7 +11,7 @@ msgid ""
msgstr ""
"Project-Id-Version: \n"
"Report-Msgid-Bugs-To: EMAIL\n"
"POT-Creation-Date: 2026-01-12 00:08+0000\n"
"POT-Creation-Date: 2025-12-23 00:05+0000\n"
"PO-Revision-Date: 2025-01-27 10:17+0000\n"
"Last-Translator: Stephan Paternotte <stephan@paternottes.net>, 2025\n"
"Language-Team: Dutch (https://app.transifex.com/opencloud-eu/teams/204053/nl/)\n"

2
services/activitylog/pkg/service/l10n/locale/pt/LC_MESSAGES/activitylog.po
View File

@@ -11,7 +11,7 @@ msgid ""
msgstr ""
"Project-Id-Version: \n"
"Report-Msgid-Bugs-To: EMAIL\n"
"POT-Creation-Date: 2026-01-22 00:11+0000\n"
"POT-Creation-Date: 2026-01-02 00:06+0000\n"
"PO-Revision-Date: 2025-01-27 10:17+0000\n"
"Last-Translator: Mário Machado, 2025\n"
"Language-Team: Portuguese (https://app.transifex.com/opencloud-eu/teams/204053/pt/)\n"

2
services/activitylog/pkg/service/l10n/locale/ru/LC_MESSAGES/activitylog.po
View File

@@ -12,7 +12,7 @@ msgid ""
msgstr ""
"Project-Id-Version: \n"
"Report-Msgid-Bugs-To: EMAIL\n"
"POT-Creation-Date: 2026-01-12 00:08+0000\n"
"POT-Creation-Date: 2025-12-23 00:05+0000\n"
"PO-Revision-Date: 2025-01-27 10:17+0000\n"
"Last-Translator: Lulufox, 2025\n"
"Language-Team: Russian (https://app.transifex.com/opencloud-eu/teams/204053/ru/)\n"

2
services/activitylog/pkg/service/l10n/locale/vi/LC_MESSAGES/activitylog.po
View File

@@ -11,7 +11,7 @@ msgid ""
msgstr ""
"Project-Id-Version: \n"
"Report-Msgid-Bugs-To: EMAIL\n"
"POT-Creation-Date: 2026-01-26 00:11+0000\n"
"POT-Creation-Date: 2026-01-06 00:06+0000\n"
"PO-Revision-Date: 2025-01-27 10:17+0000\n"
"Last-Translator: Quan Tran, 2025\n"
"Language-Team: Vietnamese (https://app.transifex.com/opencloud-eu/teams/204053/vi/)\n"

2
services/activitylog/pkg/service/l10n/locale/zh/LC_MESSAGES/activitylog.po
View File

@@ -11,7 +11,7 @@ msgid ""
msgstr ""
"Project-Id-Version: \n"
"Report-Msgid-Bugs-To: EMAIL\n"
"POT-Creation-Date: 2026-01-09 00:08+0000\n"
"POT-Creation-Date: 2025-12-20 00:05+0000\n"
"PO-Revision-Date: 2025-01-27 10:17+0000\n"
"Last-Translator: YQS Yang, 2025\n"
"Language-Team: Chinese (https://app.transifex.com/opencloud-eu/teams/204053/zh/)\n"

9
services/activitylog/pkg/service/options.go
View File

@@ -11,7 +11,6 @@ import (
"github.com/opencloud-eu/opencloud/services/activitylog/pkg/config"
"github.com/opencloud-eu/reva/v2/pkg/events"
"github.com/opencloud-eu/reva/v2/pkg/rgrpc/todo/pool"
microstore "go-micro.dev/v4/store"
"go.opentelemetry.io/otel/trace"
)
@@ -25,7 +24,6 @@ type Options struct {
TraceProvider trace.TracerProvider
Stream events.Stream
RegisteredEvents []events.Unmarshaller
Store microstore.Store
GatewaySelector pool.Selectable[gateway.GatewayAPIClient]
Mux *chi.Mux
HistoryClient ehsvc.EventHistoryService
@@ -69,13 +67,6 @@ func RegisteredEvents(e []events.Unmarshaller) Option {
}
}
// Store configures the store to use
func Store(store microstore.Store) Option {
return func(o *Options) {
o.Store = store
}
}
// GatewaySelector adds a grpc client selector for the gateway service
func GatewaySelector(gatewaySelector pool.Selectable[gateway.GatewayAPIClient]) Option {
return func(o *Options) {

13
services/activitylog/pkg/service/service.go
View File

@@ -2,6 +2,7 @@ package service
import (
"context"
"crypto/tls"
"encoding/base32"
"encoding/json"
"fmt"
@@ -166,6 +167,18 @@ func New(opts ...Option) (*ActivitylogService, error) {
natsOptions := nats.Options{
Servers: o.Config.Store.Nodes,
}
if o.Config.Store.EnableTLS {
if o.Config.Store.TLSRootCACertificate != "" {
// when root ca is configured use it. an insecure flag is ignored.
nats.RootCAs(o.Config.Store.TLSRootCACertificate)(&natsOptions)
} else {
// enable tls and use insecure flag
nats.Secure(&tls.Config{MinVersion: tls.VersionTLS12, InsecureSkipVerify: o.Config.Store.TLSInsecure})(&natsOptions)
}
}
if o.Config.Store.AuthUsername != "" && o.Config.Store.AuthPassword != "" {
nats.UserInfo(o.Config.Store.AuthUsername, o.Config.Store.AuthPassword)(&natsOptions)
}
conn, err := natsOptions.Connect()
if err != nil {
return nil, err

8
services/antivirus/pkg/command/health.go
View File

@@ -21,7 +21,13 @@ func Health(cfg *config.Config) *cobra.Command {
return configlog.ReturnError(parser.ParseConfig(cfg))
},
RunE: func(cmd *cobra.Command, args []string) error {
logger := log.Configure(cfg.Service.Name, cfg.Commons, cfg.LogLevel)
logger := log.NewLogger(
log.Name(cfg.Service.Name),
log.Level(cfg.Log.Level),
log.Pretty(cfg.Log.Pretty),
log.Color(cfg.Log.Color),
log.File(cfg.Log.File),
)
resp, err := http.Get(
fmt.Sprintf(

9
services/antivirus/pkg/command/server.go
View File

@@ -32,7 +32,14 @@ func Server(cfg *config.Config) *cobra.Command {
defer cancel()
}
ctx := cfg.Context
logger := log.Configure(cfg.Service.Name, cfg.Commons, cfg.LogLevel)
logger := log.NewLogger(
log.Name(cfg.Service.Name),
log.Level(cfg.Log.Level),
log.Pretty(cfg.Log.Pretty),
log.Color(cfg.Log.Color),
log.File(cfg.Log.File),
)
traceProvider, err := tracing.GetTraceProvider(cmd.Context(), cfg.Commons.TracesExporter, cfg.Service.Name)
if err != nil {

17
services/antivirus/pkg/config/config.go
View File

@@ -29,10 +29,11 @@ const (
// Config combines all available configuration parts.
type Config struct {
Commons *shared.Commons `yaml:"-"` // don't use this directly as configuration for a service
File string
LogLevel string `yaml:"loglevel" env:"OC_LOG_LEVEL;ANTIVIRUS_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"1.0.0"`
Debug Debug `yaml:"debug" mask:"struct"`
Commons *shared.Commons `yaml:"-"` // don't use this directly as configuration for a service
File string
Log *Log
Debug Debug `yaml:"debug" mask:"struct"`
Service Service `yaml:"-"`
@@ -54,6 +55,14 @@ type Service struct {
Name string `yaml:"-"`
}
// Log defines the available log configuration.
type Log struct {
Level string `mapstructure:"level" env:"OC_LOG_LEVEL;ANTIVIRUS_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"1.0.0"`
Pretty bool `mapstructure:"pretty" env:"OC_LOG_PRETTY;ANTIVIRUS_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"1.0.0"`
Color bool `mapstructure:"color" env:"OC_LOG_COLOR;ANTIVIRUS_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"1.0.0"`
File string `mapstructure:"file" env:"OC_LOG_FILE;ANTIVIRUS_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"1.0.0"`
}
// Debug defines the available debug configuration.
type Debug struct {
Addr string `yaml:"addr" env:"ANTIVIRUS_DEBUG_ADDR" desc:"Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed." introductionVersion:"1.0.0"`

4
services/antivirus/pkg/config/defaults/defaultconfig.go
View File

@@ -51,8 +51,8 @@ func DefaultConfig() *config.Config {
// EnsureDefaults adds default values to the configuration if they are not set yet
func EnsureDefaults(cfg *config.Config) {
if cfg.LogLevel == "" {
cfg.LogLevel = "error"
if cfg.Log == nil {
cfg.Log = &config.Log{}
}
}

8
services/antivirus/pkg/server/debug/server.go
View File

@@ -10,6 +10,7 @@ import (
"github.com/opencloud-eu/opencloud/pkg/checks"
"github.com/opencloud-eu/opencloud/pkg/handlers"
"github.com/opencloud-eu/opencloud/pkg/nats"
"github.com/opencloud-eu/opencloud/pkg/service/debug"
"github.com/opencloud-eu/opencloud/pkg/version"
)
@@ -18,9 +19,14 @@ import (
func Server(opts ...Option) (*http.Server, error) {
options := newOptions(opts...)
secureOption := nats.Secure(
options.Config.Events.EnableTLS,
options.Config.Events.TLSInsecure,
options.Config.Events.TLSRootCACertificate,
)
readyHandlerConfiguration := handlers.NewCheckHandlerConfiguration().
WithLogger(options.Logger).
WithCheck("nats reachability", checks.NewNatsCheck(options.Config.Events.Endpoint)).
WithCheck("nats reachability", checks.NewNatsCheck(options.Config.Events.Endpoint, secureOption)).
WithCheck("antivirus reachability", func(ctx context.Context) error {
cfg := options.Config
switch cfg.Scanner.Type {

4
services/app-provider/pkg/command/health.go
View File

@@ -5,9 +5,9 @@ import (
"net/http"
"github.com/opencloud-eu/opencloud/pkg/config/configlog"
"github.com/opencloud-eu/opencloud/pkg/log"
"github.com/opencloud-eu/opencloud/services/app-provider/pkg/config"
"github.com/opencloud-eu/opencloud/services/app-provider/pkg/config/parser"
"github.com/opencloud-eu/opencloud/services/app-provider/pkg/logging"
"github.com/spf13/cobra"
)
@@ -20,7 +20,7 @@ func Health(cfg *config.Config) *cobra.Command {
return configlog.ReturnError(parser.ParseConfig(cfg))
},
RunE: func(cmd *cobra.Command, args []string) error {
logger := log.Configure(cfg.Service.Name, cfg.Commons, cfg.LogLevel)
logger := logging.Configure(cfg.Service.Name, cfg.Log)
resp, err := http.Get(
fmt.Sprintf(

4
services/app-provider/pkg/command/server.go
View File

@@ -5,7 +5,6 @@ import (
"fmt"
"os/signal"
"github.com/opencloud-eu/opencloud/pkg/log"
"github.com/opencloud-eu/reva/v2/cmd/revad/runtime"
"github.com/spf13/cobra"
@@ -16,6 +15,7 @@ import (
"github.com/opencloud-eu/opencloud/pkg/version"
"github.com/opencloud-eu/opencloud/services/app-provider/pkg/config"
"github.com/opencloud-eu/opencloud/services/app-provider/pkg/config/parser"
"github.com/opencloud-eu/opencloud/services/app-provider/pkg/logging"
"github.com/opencloud-eu/opencloud/services/app-provider/pkg/revaconfig"
"github.com/opencloud-eu/opencloud/services/app-provider/pkg/server/debug"
)
@@ -29,7 +29,7 @@ func Server(cfg *config.Config) *cobra.Command {
return configlog.ReturnFatal(parser.ParseConfig(cfg))
},
RunE: func(cmd *cobra.Command, args []string) error {
logger := log.Configure(cfg.Service.Name, cfg.Commons, cfg.LogLevel)
logger := logging.Configure(cfg.Service.Name, cfg.Log)
traceProvider, err := tracing.GetTraceProvider(cmd.Context(), cfg.Commons.TracesExporter, cfg.Service.Name)
if err != nil {
return err

15
services/app-provider/pkg/config/config.go
View File

@@ -7,10 +7,10 @@ import (
)
type Config struct {
Commons *shared.Commons `yaml:"-"` // don't use this directly as configuration for a service
Service Service `yaml:"-"`
LogLevel string `yaml:"loglevel" env:"OC_LOG_LEVEL;APP_PROVIDER_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"1.0.0"`
Debug Debug `yaml:"debug"`
Commons *shared.Commons `yaml:"-"` // don't use this directly as configuration for a service
Service Service `yaml:"-"`
Log *Log `yaml:"log"`
Debug Debug `yaml:"debug"`
GRPC GRPCConfig `yaml:"grpc"`
@@ -24,6 +24,13 @@ type Config struct {
Context context.Context `yaml:"-"`
}
type Log struct {
Level string `yaml:"level" env:"OC_LOG_LEVEL;APP_PROVIDER_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"1.0.0"`
Pretty bool `yaml:"pretty" env:"OC_LOG_PRETTY;APP_PROVIDER_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"1.0.0"`
Color bool `yaml:"color" env:"OC_LOG_COLOR;APP_PROVIDER_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"1.0.0"`
File string `yaml:"file" env:"OC_LOG_FILE;APP_PROVIDER_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"1.0.0"`
}
type Debug struct {
Addr string `yaml:"addr" env:"APP_PROVIDER_DEBUG_ADDR" desc:"Bind address of the debug server, where metrics, health, config and debug endpoints will be exposed." introductionVersion:"1.0.0"`
Token string `yaml:"token" env:"APP_PROVIDER_DEBUG_TOKEN" desc:"Token to secure the metrics endpoint" introductionVersion:"1.0.0"`

12
services/app-provider/pkg/config/defaults/defaultconfig.go
View File

@@ -45,8 +45,16 @@ func DefaultConfig() *config.Config {
// EnsureDefaults adds default values to the configuration if they are not set yet
func EnsureDefaults(cfg *config.Config) {
if cfg.LogLevel == "" {
cfg.LogLevel = "error"
// provide with defaults for shared logging, since we need a valid destination address for "envdecode".
if cfg.Log == nil && cfg.Commons != nil && cfg.Commons.Log != nil {
cfg.Log = &config.Log{
Level: cfg.Commons.Log.Level,
Pretty: cfg.Commons.Log.Pretty,
Color: cfg.Commons.Log.Color,
File: cfg.Commons.Log.File,
}
} else if cfg.Log == nil {
cfg.Log = &config.Log{}
}
if cfg.Reva == nil && cfg.Commons != nil {

17
services/app-provider/pkg/logging/logging.go Normal file
View File

@@ -0,0 +1,17 @@
package logging
import (
"github.com/opencloud-eu/opencloud/pkg/log"
"github.com/opencloud-eu/opencloud/services/app-provider/pkg/config"
)
// Configure initializes a service-specific logger instance.
func Configure(name string, cfg *config.Log) log.Logger {
return log.NewLogger(
log.Name(name),
log.Level(cfg.Level),
log.Pretty(cfg.Pretty),
log.Color(cfg.Color),
log.File(cfg.File),
)
}

5
services/app-registry/pkg/command/health.go
View File

@@ -5,10 +5,9 @@ import (
"net/http"
"github.com/opencloud-eu/opencloud/pkg/config/configlog"
"github.com/opencloud-eu/opencloud/pkg/log"
"github.com/opencloud-eu/opencloud/services/app-registry/pkg/config"
"github.com/opencloud-eu/opencloud/services/app-registry/pkg/config/parser"
"github.com/opencloud-eu/opencloud/services/app-registry/pkg/logging"
"github.com/spf13/cobra"
)
@@ -21,7 +20,7 @@ func Health(cfg *config.Config) *cobra.Command {
return configlog.ReturnError(parser.ParseConfig(cfg))
},
RunE: func(cmd *cobra.Command, args []string) error {
logger := log.Configure(cfg.Service.Name, cfg.Commons, cfg.LogLevel)
logger := logging.Configure(cfg.Service.Name, cfg.Log)
resp, err := http.Get(
fmt.Sprintf(

5
services/app-registry/pkg/command/server.go
View File

@@ -6,17 +6,16 @@ import (
"os/signal"
"github.com/opencloud-eu/opencloud/pkg/config/configlog"
"github.com/opencloud-eu/opencloud/pkg/log"
"github.com/opencloud-eu/opencloud/pkg/registry"
"github.com/opencloud-eu/opencloud/pkg/runner"
"github.com/opencloud-eu/opencloud/pkg/tracing"
"github.com/opencloud-eu/opencloud/pkg/version"
"github.com/opencloud-eu/opencloud/services/app-registry/pkg/config"
"github.com/opencloud-eu/opencloud/services/app-registry/pkg/config/parser"
"github.com/opencloud-eu/opencloud/services/app-registry/pkg/logging"
"github.com/opencloud-eu/opencloud/services/app-registry/pkg/revaconfig"
"github.com/opencloud-eu/opencloud/services/app-registry/pkg/server/debug"
"github.com/opencloud-eu/reva/v2/cmd/revad/runtime"
"github.com/spf13/cobra"
)
@@ -29,7 +28,7 @@ func Server(cfg *config.Config) *cobra.Command {
return configlog.ReturnFatal(parser.ParseConfig(cfg))
},
RunE: func(cmd *cobra.Command, args []string) error {
logger := log.Configure(cfg.Service.Name, cfg.Commons, cfg.LogLevel)
logger := logging.Configure(cfg.Service.Name, cfg.Log)
traceProvider, err := tracing.GetTraceProvider(cmd.Context(), cfg.Commons.TracesExporter, cfg.Service.Name)
if err != nil {
return err

14
services/app-registry/pkg/config/config.go
View File

@@ -9,10 +9,9 @@ import (
type Config struct {
Commons *shared.Commons `yaml:"-"` // don't use this directly as configuration for a service
Service Service `yaml:"-"`
LogLevel string `yaml:"loglevel" env:"OC_LOG_LEVEL;APP_REGISTRY_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"1.0.0"`
Debug Debug `yaml:"debug"`
Service Service `yaml:"-"`
Log *Log `yaml:"log"`
Debug Debug `yaml:"debug"`
GRPC GRPCConfig `yaml:"grpc"`
@@ -24,6 +23,13 @@ type Config struct {
Context context.Context `yaml:"-"`
}
type Log struct {
Level string `yaml:"level" env:"OC_LOG_LEVEL;APP_REGISTRY_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"1.0.0"`
Pretty bool `yaml:"pretty" env:"OC_LOG_PRETTY;APP_REGISTRY_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"1.0.0"`
Color bool `yaml:"color" env:"OC_LOG_COLOR;APP_REGISTRY_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"1.0.0"`
File string `yaml:"file" env:"OC_LOG_FILE;APP_REGISTRY_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"1.0.0"`
}
type Service struct {
Name string `yaml:"-"`
}

12
services/app-registry/pkg/config/defaults/defaultconfig.go
View File

@@ -122,8 +122,16 @@ func defaultMimeTypeConfig() []config.MimeTypeConfig {
// EnsureDefaults adds default values to the configuration if they are not set yet
func EnsureDefaults(cfg *config.Config) {
if cfg.LogLevel == "" {
cfg.LogLevel = "error"
// provide with defaults for shared logging, since we need a valid destination address for "envdecode".
if cfg.Log == nil && cfg.Commons != nil && cfg.Commons.Log != nil {
cfg.Log = &config.Log{
Level: cfg.Commons.Log.Level,
Pretty: cfg.Commons.Log.Pretty,
Color: cfg.Commons.Log.Color,
File: cfg.Commons.Log.File,
}
} else if cfg.Log == nil {
cfg.Log = &config.Log{}
}
if cfg.Reva == nil && cfg.Commons != nil {

17
services/app-registry/pkg/logging/logging.go Normal file
View File

@@ -0,0 +1,17 @@
package logging
import (
"github.com/opencloud-eu/opencloud/pkg/log"
"github.com/opencloud-eu/opencloud/services/app-registry/pkg/config"
)
// Configure initializes a service-specific logger instance.
func Configure(name string, cfg *config.Log) log.Logger {
return log.NewLogger(
log.Name(name),
log.Level(cfg.Level),
log.Pretty(cfg.Pretty),
log.Color(cfg.Color),
log.File(cfg.File),
)
}

5
services/audit/pkg/command/server.go
View File

@@ -7,10 +7,10 @@ import (
"github.com/opencloud-eu/opencloud/pkg/config/configlog"
"github.com/opencloud-eu/opencloud/pkg/generators"
"github.com/opencloud-eu/opencloud/pkg/log"
"github.com/opencloud-eu/opencloud/pkg/runner"
"github.com/opencloud-eu/opencloud/services/audit/pkg/config"
"github.com/opencloud-eu/opencloud/services/audit/pkg/config/parser"
"github.com/opencloud-eu/opencloud/services/audit/pkg/logging"
"github.com/opencloud-eu/opencloud/services/audit/pkg/server/debug"
svc "github.com/opencloud-eu/opencloud/services/audit/pkg/service"
"github.com/opencloud-eu/opencloud/services/audit/pkg/types"
@@ -35,7 +35,8 @@ func Server(cfg *config.Config) *cobra.Command {
defer cancel()
}
ctx := cfg.Context
logger := log.Configure(cfg.Service.Name, cfg.Commons, cfg.LogLevel)
logger := logging.Configure(cfg.Service.Name, cfg.Log)
gr := runner.NewGroup()
connName := generators.GenerateConnectionName(cfg.Service.Name, generators.NTypeBus)

10
services/audit/pkg/config/config.go
View File

@@ -8,10 +8,12 @@ import (
// Config combines all available configuration parts.
type Config struct {
Commons *shared.Commons `yaml:"-"` // don't use this directly as configuration for a service
Service Service `yaml:"-"`
LogLevel string `yaml:"loglevel" env:"OC_LOG_LEVEL;AUDIT_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"1.0.0"`
Debug Debug `yaml:"debug"`
Commons *shared.Commons `yaml:"-"` // don't use this directly as configuration for a service
Service Service `yaml:"-"`
Log *Log `yaml:"log"`
Debug Debug `yaml:"debug"`
Events Events `yaml:"events"`
Auditlog Auditlog `yaml:"auditlog"`

12
services/audit/pkg/config/defaults/defaultconfig.go
View File

@@ -37,8 +37,16 @@ func DefaultConfig() *config.Config {
// EnsureDefaults adds default values to the configuration if they are not set yet
func EnsureDefaults(cfg *config.Config) {
if cfg.LogLevel == "" {
cfg.LogLevel = "error"
// provide with defaults for shared logging, since we need a valid destination address for "envdecode".
if cfg.Log == nil && cfg.Commons != nil && cfg.Commons.Log != nil {
cfg.Log = &config.Log{
Level: cfg.Commons.Log.Level,
Pretty: cfg.Commons.Log.Pretty,
Color: cfg.Commons.Log.Color,
File: cfg.Commons.Log.File,
}
} else if cfg.Log == nil {
cfg.Log = &config.Log{}
}
}

9
services/audit/pkg/config/log.go Normal file
View File

@@ -0,0 +1,9 @@
package config
// Log defines the available log configuration.
type Log struct {
Level string `yaml:"level" env:"OC_LOG_LEVEL;AUDIT_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"1.0.0"`
Pretty bool `yaml:"pretty" env:"OC_LOG_PRETTY;AUDIT_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"1.0.0"`
Color bool `yaml:"color" env:"OC_LOG_COLOR;AUDIT_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"1.0.0"`
File string `yaml:"file" env:"OC_LOG_FILE;AUDIT_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"1.0.0"`
}

17
services/audit/pkg/logging/logging.go Normal file
View File

@@ -0,0 +1,17 @@
package logging
import (
"github.com/opencloud-eu/opencloud/pkg/log"
"github.com/opencloud-eu/opencloud/services/audit/pkg/config"
)
// Configure initializes a service-specific logger instance.
func Configure(name string, cfg *config.Log) log.Logger {
return log.NewLogger(
log.Name(name),
log.Level(cfg.Level),
log.Pretty(cfg.Pretty),
log.Color(cfg.Color),
log.File(cfg.File),
)
}

8
services/audit/pkg/server/debug/server.go
View File

@@ -5,6 +5,7 @@ import (
"github.com/opencloud-eu/opencloud/pkg/checks"
"github.com/opencloud-eu/opencloud/pkg/handlers"
"github.com/opencloud-eu/opencloud/pkg/nats"
"github.com/opencloud-eu/opencloud/pkg/service/debug"
"github.com/opencloud-eu/opencloud/pkg/version"
)
@@ -13,9 +14,14 @@ import (
func Server(opts ...Option) (*http.Server, error) {
options := newOptions(opts...)
secureOption := nats.Secure(
options.Config.Events.EnableTLS,
options.Config.Events.TLSInsecure,
options.Config.Events.TLSRootCACertificate,
)
readyHandlerConfiguration := handlers.NewCheckHandlerConfiguration().
WithLogger(options.Logger).
WithCheck("nats reachability", checks.NewNatsCheck(options.Config.Events.Endpoint))
WithCheck("nats reachability", checks.NewNatsCheck(options.Config.Events.Endpoint, secureOption))
return debug.NewService(
debug.Logger(options.Logger),

4
services/auth-app/pkg/command/health.go
View File

@@ -5,9 +5,9 @@ import (
"net/http"
"github.com/opencloud-eu/opencloud/pkg/config/configlog"
"github.com/opencloud-eu/opencloud/pkg/log"
"github.com/opencloud-eu/opencloud/services/auth-app/pkg/config"
"github.com/opencloud-eu/opencloud/services/auth-app/pkg/config/parser"
"github.com/opencloud-eu/opencloud/services/auth-app/pkg/logging"
"github.com/spf13/cobra"
)
@@ -21,7 +21,7 @@ func Health(cfg *config.Config) *cobra.Command {
return configlog.ReturnError(parser.ParseConfig(cfg))
},
RunE: func(cmd *cobra.Command, args []string) error {
logger := log.Configure(cfg.Service.Name, cfg.Commons, cfg.LogLevel)
logger := logging.Configure(cfg.Service.Name, cfg.Log)
resp, err := http.Get(
fmt.Sprintf(

4
services/auth-app/pkg/command/server.go
View File

@@ -6,7 +6,6 @@ import (
"os/signal"
"github.com/opencloud-eu/opencloud/pkg/config/configlog"
"github.com/opencloud-eu/opencloud/pkg/log"
"github.com/opencloud-eu/opencloud/pkg/registry"
"github.com/opencloud-eu/opencloud/pkg/runner"
ogrpc "github.com/opencloud-eu/opencloud/pkg/service/grpc"
@@ -15,6 +14,7 @@ import (
settingssvc "github.com/opencloud-eu/opencloud/protogen/gen/opencloud/services/settings/v0"
"github.com/opencloud-eu/opencloud/services/auth-app/pkg/config"
"github.com/opencloud-eu/opencloud/services/auth-app/pkg/config/parser"
"github.com/opencloud-eu/opencloud/services/auth-app/pkg/logging"
"github.com/opencloud-eu/opencloud/services/auth-app/pkg/revaconfig"
"github.com/opencloud-eu/opencloud/services/auth-app/pkg/server/debug"
"github.com/opencloud-eu/opencloud/services/auth-app/pkg/server/http"
@@ -37,7 +37,7 @@ func Server(cfg *config.Config) *cobra.Command {
fmt.Println("WARNING: Impersonation is enabled. Admins can impersonate all users.")
}
logger := log.Configure(cfg.Service.Name, cfg.Commons, cfg.LogLevel)
logger := logging.Configure(cfg.Service.Name, cfg.Log)
traceProvider, err := tracing.GetTraceProvider(cmd.Context(), cfg.Commons.TracesExporter, cfg.Service.Name)
if err != nil {
return err

16
services/auth-app/pkg/config/config.go
View File

@@ -8,10 +8,10 @@ import (
// Config defines the root config structure
type Config struct {
Commons *shared.Commons `yaml:"-"` // don't use this directly as configuration for a service
Service Service `yaml:"-"`
LogLevel string `yaml:"loglevel" env:"OC_LOG_LEVEL;AUTH_APP_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"1.0.0"`
Debug Debug `yaml:"debug"`
Commons *shared.Commons `yaml:"-"` // don't use this directly as configuration for a service
Service Service `yaml:"-"`
Log *Log `yaml:"log"`
Debug Debug `yaml:"debug"`
GRPC GRPCConfig `yaml:"grpc"`
HTTP HTTP `yaml:"http"`
@@ -61,6 +61,14 @@ type RandPWOpts struct {
PasswordLength int `yaml:"password_length" env:"AUTH_APP_JSONCS3_RANDOM_PASSWORD_LENGTH" desc:"The number of charactors the generated passwords will have." introductionVersion:"4.0.0"`
}
// Log defines the loging configuration
type Log struct {
Level string `yaml:"level" env:"OC_LOG_LEVEL;AUTH_APP_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"1.0.0"`
Pretty bool `yaml:"pretty" env:"OC_LOG_PRETTY;AUTH_APP_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"1.0.0"`
Color bool `yaml:"color" env:"OC_LOG_COLOR;AUTH_APP_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"1.0.0"`
File string `yaml:"file" env:"OC_LOG_FILE;AUTH_APP_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"1.0.0"`
}
// Service defines the service configuration
type Service struct {
Name string `yaml:"-"`

12
services/auth-app/pkg/config/defaults/defaultconfig.go
View File

@@ -63,8 +63,16 @@ func DefaultConfig() *config.Config {
// EnsureDefaults adds default values to the configuration if they are not set yet
func EnsureDefaults(cfg *config.Config) {
if cfg.LogLevel == "" {
cfg.LogLevel = "error"
// provide with defaults for shared logging, since we need a valid destination address for "envdecode".
if cfg.Log == nil && cfg.Commons != nil && cfg.Commons.Log != nil {
cfg.Log = &config.Log{
Level: cfg.Commons.Log.Level,
Pretty: cfg.Commons.Log.Pretty,
Color: cfg.Commons.Log.Color,
File: cfg.Commons.Log.File,
}
} else if cfg.Log == nil {
cfg.Log = &config.Log{}
}
if cfg.GRPCClientTLS == nil && cfg.Commons != nil {

17
services/auth-app/pkg/logging/logging.go Normal file
View File

@@ -0,0 +1,17 @@
package logging
import (
"github.com/opencloud-eu/opencloud/pkg/log"
"github.com/opencloud-eu/opencloud/services/auth-app/pkg/config"
)
// Configure initializes a service-specific logger instance.
func Configure(name string, cfg *config.Log) log.Logger {
return log.NewLogger(
log.Name(name),
log.Level(cfg.Level),
log.Pretty(cfg.Pretty),
log.Color(cfg.Color),
log.File(cfg.File),
)
}

4
services/auth-basic/pkg/command/health.go
View File

@@ -5,9 +5,9 @@ import (
"net/http"
"github.com/opencloud-eu/opencloud/pkg/config/configlog"
"github.com/opencloud-eu/opencloud/pkg/log"
"github.com/opencloud-eu/opencloud/services/auth-basic/pkg/config"
"github.com/opencloud-eu/opencloud/services/auth-basic/pkg/config/parser"
"github.com/opencloud-eu/opencloud/services/auth-basic/pkg/logging"
"github.com/spf13/cobra"
)
@@ -21,7 +21,7 @@ func Health(cfg *config.Config) *cobra.Command {
return configlog.ReturnError(parser.ParseConfig(cfg))
},
RunE: func(cmd *cobra.Command, args []string) error {
logger := log.Configure(cfg.Service.Name, cfg.Commons, cfg.LogLevel)
logger := logging.Configure(cfg.Service.Name, cfg.Log)
resp, err := http.Get(
fmt.Sprintf(

4
services/auth-basic/pkg/command/server.go
View File

@@ -7,13 +7,13 @@ import (
"github.com/opencloud-eu/opencloud/pkg/config/configlog"
"github.com/opencloud-eu/opencloud/pkg/ldap"
"github.com/opencloud-eu/opencloud/pkg/log"
"github.com/opencloud-eu/opencloud/pkg/registry"
"github.com/opencloud-eu/opencloud/pkg/runner"
"github.com/opencloud-eu/opencloud/pkg/tracing"
"github.com/opencloud-eu/opencloud/pkg/version"
"github.com/opencloud-eu/opencloud/services/auth-basic/pkg/config"
"github.com/opencloud-eu/opencloud/services/auth-basic/pkg/config/parser"
"github.com/opencloud-eu/opencloud/services/auth-basic/pkg/logging"
"github.com/opencloud-eu/opencloud/services/auth-basic/pkg/revaconfig"
"github.com/opencloud-eu/opencloud/services/auth-basic/pkg/server/debug"
"github.com/opencloud-eu/reva/v2/cmd/revad/runtime"
@@ -30,7 +30,7 @@ func Server(cfg *config.Config) *cobra.Command {
return configlog.ReturnFatal(parser.ParseConfig(cfg))
},
RunE: func(cmd *cobra.Command, args []string) error {
logger := log.Configure(cfg.Service.Name, cfg.Commons, cfg.LogLevel)
logger := logging.Configure(cfg.Service.Name, cfg.Log)
traceProvider, err := tracing.GetTraceProvider(cmd.Context(), cfg.Commons.TracesExporter, cfg.Service.Name)
if err != nil {
return err

15
services/auth-basic/pkg/config/config.go
View File

@@ -7,10 +7,10 @@ import (
)
type Config struct {
Commons *shared.Commons `yaml:"-"` // don't use this directly as configuration for a service
Service Service `yaml:"-"`
LogLevel string `yaml:"loglevel" env:"OC_LOG_LEVEL;AUTH_BASIC_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"1.0.0"`
Debug Debug `yaml:"debug"`
Commons *shared.Commons `yaml:"-"` // don't use this directly as configuration for a service
Service Service `yaml:"-"`
Log *Log `yaml:"log"`
Debug Debug `yaml:"debug"`
GRPC GRPCConfig `yaml:"grpc"`
@@ -24,6 +24,13 @@ type Config struct {
Context context.Context `yaml:"-"`
}
type Log struct {
Level string `yaml:"level" env:"OC_LOG_LEVEL;AUTH_BASIC_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"1.0.0"`
Pretty bool `yaml:"pretty" env:"OC_LOG_PRETTY;AUTH_BASIC_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"1.0.0"`
Color bool `yaml:"color" env:"OC_LOG_COLOR;AUTH_BASIC_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"1.0.0"`
File string `yaml:"file" env:"OC_LOG_FILE;AUTH_BASIC_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"1.0.0"`
}
type Service struct {
Name string `yaml:"-"`
}

13
services/auth-basic/pkg/config/defaults/defaultconfig.go
View File

@@ -86,9 +86,18 @@ func DefaultConfig() *config.Config {
// EnsureDefaults adds default values to the configuration if they are not set yet
func EnsureDefaults(cfg *config.Config) {
if cfg.LogLevel == "" {
cfg.LogLevel = "error"
// provide with defaults for shared logging, since we need a valid destination address for "envdecode".
if cfg.Log == nil && cfg.Commons != nil && cfg.Commons.Log != nil {
cfg.Log = &config.Log{
Level: cfg.Commons.Log.Level,
Pretty: cfg.Commons.Log.Pretty,
Color: cfg.Commons.Log.Color,
File: cfg.Commons.Log.File,
}
} else if cfg.Log == nil {
cfg.Log = &config.Log{}
}
if cfg.Reva == nil && cfg.Commons != nil {
cfg.Reva = structs.CopyOrZeroValue(cfg.Commons.Reva)
}

17
services/auth-basic/pkg/logging/logging.go Normal file
View File

@@ -0,0 +1,17 @@
package logging
import (
"github.com/opencloud-eu/opencloud/pkg/log"
"github.com/opencloud-eu/opencloud/services/auth-basic/pkg/config"
)
// Configure initializes a service-specific logger instance.
func Configure(name string, cfg *config.Log) log.Logger {
return log.NewLogger(
log.Name(name),
log.Level(cfg.Level),
log.Pretty(cfg.Pretty),
log.Color(cfg.Color),
log.File(cfg.File),
)
}

4
services/auth-bearer/pkg/command/health.go
View File

@@ -5,9 +5,9 @@ import (
"net/http"
"github.com/opencloud-eu/opencloud/pkg/config/configlog"
"github.com/opencloud-eu/opencloud/pkg/log"
"github.com/opencloud-eu/opencloud/services/auth-bearer/pkg/config"
"github.com/opencloud-eu/opencloud/services/auth-bearer/pkg/config/parser"
"github.com/opencloud-eu/opencloud/services/auth-bearer/pkg/logging"
"github.com/spf13/cobra"
)
@@ -21,7 +21,7 @@ func Health(cfg *config.Config) *cobra.Command {
return configlog.ReturnError(parser.ParseConfig(cfg))
},
RunE: func(cmd *cobra.Command, args []string) error {
logger := log.Configure(cfg.Service.Name, cfg.Commons, cfg.LogLevel)
logger := logging.Configure(cfg.Service.Name, cfg.Log)
resp, err := http.Get(
fmt.Sprintf(

4
services/auth-bearer/pkg/command/server.go
View File

@@ -6,13 +6,13 @@ import (
"os/signal"
"github.com/opencloud-eu/opencloud/pkg/config/configlog"
"github.com/opencloud-eu/opencloud/pkg/log"
"github.com/opencloud-eu/opencloud/pkg/registry"
"github.com/opencloud-eu/opencloud/pkg/runner"
"github.com/opencloud-eu/opencloud/pkg/tracing"
"github.com/opencloud-eu/opencloud/pkg/version"
"github.com/opencloud-eu/opencloud/services/auth-bearer/pkg/config"
"github.com/opencloud-eu/opencloud/services/auth-bearer/pkg/config/parser"
"github.com/opencloud-eu/opencloud/services/auth-bearer/pkg/logging"
"github.com/opencloud-eu/opencloud/services/auth-bearer/pkg/revaconfig"
"github.com/opencloud-eu/opencloud/services/auth-bearer/pkg/server/debug"
"github.com/opencloud-eu/reva/v2/cmd/revad/runtime"
@@ -29,7 +29,7 @@ func Server(cfg *config.Config) *cobra.Command {
return configlog.ReturnFatal(parser.ParseConfig(cfg))
},
RunE: func(cmd *cobra.Command, args []string) error {
logger := log.Configure(cfg.Service.Name, cfg.Commons, cfg.LogLevel)
logger := logging.Configure(cfg.Service.Name, cfg.Log)
traceProvider, err := tracing.GetTraceProvider(cmd.Context(), cfg.Commons.TracesExporter, cfg.Service.Name)
if err != nil {
return err

16
services/auth-bearer/pkg/config/config.go
View File

@@ -7,11 +7,10 @@ import (
)
type Config struct {
Commons *shared.Commons `yaml:"-"` // don't use this directly as configuration for a service
Service Service `yaml:"-"`
LogLevel string `yaml:"loglevel" env:"OC_LOG_LEVEL;AUTH_BEARER_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"1.0.0"`
Debug Debug `yaml:"debug"`
Commons *shared.Commons `yaml:"-"` // don't use this directly as configuration for a service
Service Service `yaml:"-"`
Log *Log `yaml:"log"`
Debug Debug `yaml:"debug"`
GRPC GRPCConfig `yaml:"grpc"`
@@ -25,6 +24,13 @@ type Config struct {
Context context.Context `yaml:"-"`
}
type Log struct {
Level string `yaml:"level" env:"OC_LOG_LEVEL;AUTH_BEARER_LOG_LEVEL" desc:"The log level. Valid values are: 'panic', 'fatal', 'error', 'warn', 'info', 'debug', 'trace'." introductionVersion:"1.0.0"`
Pretty bool `yaml:"pretty" env:"OC_LOG_PRETTY;AUTH_BEARER_LOG_PRETTY" desc:"Activates pretty log output." introductionVersion:"1.0.0"`
Color bool `yaml:"color" env:"OC_LOG_COLOR;AUTH_BEARER_LOG_COLOR" desc:"Activates colorized log output." introductionVersion:"1.0.0"`
File string `yaml:"file" env:"OC_LOG_FILE;AUTH_BEARER_LOG_FILE" desc:"The path to the log file. Activates logging to this file if set." introductionVersion:"1.0.0"`
}
type Service struct {
Name string `yaml:"-"`
}

12
services/auth-bearer/pkg/config/defaults/defaultconfig.go
View File

@@ -42,8 +42,16 @@ func DefaultConfig() *config.Config {
// EnsureDefaults adds default values to the configuration if they are not set yet
func EnsureDefaults(cfg *config.Config) {
if cfg.LogLevel == "" {
cfg.LogLevel = "error"
// provide with defaults for shared logging, since we need a valid destination address for "envdecode".
if cfg.Log == nil && cfg.Commons != nil && cfg.Commons.Log != nil {
cfg.Log = &config.Log{
Level: cfg.Commons.Log.Level,
Pretty: cfg.Commons.Log.Pretty,
Color: cfg.Commons.Log.Color,
File: cfg.Commons.Log.File,
}
} else if cfg.Log == nil {
cfg.Log = &config.Log{}
}
if cfg.Reva == nil && cfg.Commons != nil {

17
services/auth-bearer/pkg/logging/logging.go Normal file
View File

@@ -0,0 +1,17 @@
package logging
import (
"github.com/opencloud-eu/opencloud/pkg/log"
"github.com/opencloud-eu/opencloud/services/auth-bearer/pkg/config"
)
// Configure initializes a service-specific logger instance.
func Configure(name string, cfg *config.Log) log.Logger {
return log.NewLogger(
log.Name(name),
log.Level(cfg.Level),
log.Pretty(cfg.Pretty),
log.Color(cfg.Color),
log.File(cfg.File),
)
}

4
services/auth-machine/pkg/command/health.go
View File

@@ -5,9 +5,9 @@ import (
"net/http"
"github.com/opencloud-eu/opencloud/pkg/config/configlog"
"github.com/opencloud-eu/opencloud/pkg/log"
"github.com/opencloud-eu/opencloud/services/auth-machine/pkg/config"
"github.com/opencloud-eu/opencloud/services/auth-machine/pkg/config/parser"
"github.com/opencloud-eu/opencloud/services/auth-machine/pkg/logging"
"github.com/spf13/cobra"
)
@@ -21,7 +21,7 @@ func Health(cfg *config.Config) *cobra.Command {
return configlog.ReturnError(parser.ParseConfig(cfg))
},
RunE: func(cmd *cobra.Command, args []string) error {
logger := log.Configure(cfg.Service.Name, cfg.Commons, cfg.LogLevel)
logger := logging.Configure(cfg.Service.Name, cfg.Log)
resp, err := http.Get(
fmt.Sprintf(

4
services/auth-machine/pkg/command/server.go
View File

@@ -6,13 +6,13 @@ import (
"os/signal"
"github.com/opencloud-eu/opencloud/pkg/config/configlog"
"github.com/opencloud-eu/opencloud/pkg/log"
"github.com/opencloud-eu/opencloud/pkg/registry"
"github.com/opencloud-eu/opencloud/pkg/runner"
"github.com/opencloud-eu/opencloud/pkg/tracing"
"github.com/opencloud-eu/opencloud/pkg/version"
"github.com/opencloud-eu/opencloud/services/auth-machine/pkg/config"
"github.com/opencloud-eu/opencloud/services/auth-machine/pkg/config/parser"
"github.com/opencloud-eu/opencloud/services/auth-machine/pkg/logging"
"github.com/opencloud-eu/opencloud/services/auth-machine/pkg/revaconfig"
"github.com/opencloud-eu/opencloud/services/auth-machine/pkg/server/debug"
"github.com/opencloud-eu/reva/v2/cmd/revad/runtime"
@@ -29,7 +29,7 @@ func Server(cfg *config.Config) *cobra.Command {
return configlog.ReturnFatal(parser.ParseConfig(cfg))
},
RunE: func(cmd *cobra.Command, args []string) error {
logger := log.Configure(cfg.Service.Name, cfg.Commons, cfg.LogLevel)
logger := logging.Configure(cfg.Service.Name, cfg.Log)
traceProvider, err := tracing.GetTraceProvider(cmd.Context(), cfg.Commons.TracesExporter, cfg.Service.Name)
if err != nil {
return err

Some files were not shown because too many files have changed in this diff Show More