OpenCHAMI / deployment-recipes

Ochami deployment recipes
MIT License

Add OPAAL #35

Closed synackd closed 6 months ago

synackd commented 6 months ago

OPAAL is an OIDC login tool that greatly eases the login workflow for client credentials grants. BSS added support for it in v1.30.2.

This PR adds a docker-compose config for OPAAL and configures BSS to depend on the service as well as use it for fetching its JWKS, which BSS uses to authenticate with SMD's protected endpoints.

synackd commented 6 months ago

@travisbcotton The run command for the CI runner will need to change to:

docker compose \
  -f ochami-services.yml \
  -f ochami-services-noauth.yml \
  -f ochami-hurl-tests.yml \
  -f ochami-hurl-tests-noauth.yml \
  -f hydra.yml \
  -f opaal.yml \
  -f ochami-krakend-ce.yml \
  -f ochami-krakend-ce-tests.yml \
  up -d

(Add -f opaal.yml \)

davidallendj commented 6 months ago

Looks good. I'm just waiting to test locally first since the dnsmasq stuff is still failing for M2 laptops.

The dnsmasq container was updated to support linux/arm64, needed to run with Docker Desktop, but it still seems like it's failing for some reason.

Edit: For clarification, I think the deployment recipe is failing from something else not related to the dnsmasq container.

davidallendj commented 6 months ago

I was using the wrong branch for testing... I was using my own local opaal branch instead of add-opaal from the fork. After switching, it works and all tests pass.

synackd commented 6 months ago

LGTM.