search

spiffe / tornjak

Tornjak is a UI and management layer used for brokering human access to one or more SPIRE deployments
Apache License 2.0
78 stars 41 forks source link

Rename directory in Tornjak Backend container #463

Closed vjesu5 closed 2 months ago

vjesu5 commented 3 months ago

Changes proposed

This PR includes renaming the directory Tornjak from /opt/spire to /opt/tornjak mentioned in the opened issue #259 for:

vjesu5 commented 3 months ago

Hello, Maia. i- Thanks for sharing the raised points, I just updated this PR by removing the directory update left in your comments. ii- Regarding building the backend project: I successfully built the backend Dockerfiles for Tornjak. However, I cannot test it since the Contributing instructions for testing the backend in this repository look out-of-date. I am still unsure about this, let me know if I need to follow a different approach.

image image
maia-iyer commented 3 months ago

That's fair! the backend documentation for testing an image does seem missing. To get started, I'm curious if you are able to run the quickstart? This has instructions for running tornjak locally. Once you are able to run it as is, you would be able to update the image in server-statefulset.yaml to the image you built, and test again

Definitely ask questions if any! I might try to update that documentation soon

vjesu5 commented 3 months ago

That's fair! the backend documentation for testing an image does seem missing. To get started, I'm curious if you are able to run the quickstart? This has instructions for running tornjak locally. Once you are able to run it as is, you would be able to update the image in server-statefulset.yaml to the image you built, and test again

Definitely ask questions if any! I might try to update that documentation soon

Thank you, Maia. 😄 After following the quickstart section, I successfully ran the Tornjak backend locally (also along with its UI) as is. However, going to test my local changes, I could not deploy the built image since the spire server is never ready (even waiting for some minutes and considering the image built finished successfully):

image

That is what I've added in the server-statefulset.yaml file based on the new image name:

image image

If possible, help me identify the issue. In parallel, I am trying to do other tests in a relentless quest to make this happen. 😄

maia-iyer commented 3 months ago

Thanks for the detailed debug info!

The local minikube cluster automatically attempts to pull from DockerHub. So when you specified the image in the yaml as tornjak-backend-vjesus-ubi:latest, it's trying to pull docker.io/tornjak-backend-vjesus-ubi:latest or something like that. I think if you run kubectl describe po -n spire spire-server-0 it would give more details towards the end of the output under the events section.

There's two possible remedies:

  1. Create a dockerhub account and push the image to dockerhub
  2. Simplest and quickets: I believe there's a minikube image load command that should be useful. I found this link with more useful information. Once this is done, you may need to delete the pod with a kubectl delete po -n spire spire-server-0 command to kick restart it

Let me know if this helps! If not, definitely show the outputs of kubectl describe po -n spire spire-server-0 and kubectl logs -n spire spire-server-0 -c tornjak-backend and we can debug further

vjesu5 commented 2 months ago

Thanks for the detailed debug info!

The local minikube cluster automatically attempts to pull from DockerHub. So when you specified the image in the yaml as tornjak-backend-vjesus-ubi:latest, it's trying to pull docker.io/tornjak-backend-vjesus-ubi:latest or something like that. I think if you run kubectl describe po -n spire spire-server-0 it would give more details towards the end of the output under the events section.

There's two possible remedies:

  1. Create a dockerhub account and push the image to dockerhub
  2. Simplest and quickets: I believe there's a minikube image load command that should be useful. I found this link with more useful information. Once this is done, you may need to delete the pod with a kubectl delete po -n spire spire-server-0 command to kick restart it

Let me know if this helps! If not, definitely show the outputs of kubectl describe po -n spire spire-server-0 and kubectl logs -n spire spire-server-0 -c tornjak-backend and we can debug further

Thank you, Maia! It completely helped me. My misunderstanding was precisely that Minikube automatically pulls the image from the repository (despite the possibility of adjusting and forcing it to use the local image). After publishing the image to the hub, I built and ran the Tornjak backend successfully.

So now I can run the spire server, along with the tornjak backend (with the changes), and its frontend.

image image image

In complement, I tested with the non-ubi image which also seem to work fine.

image

Both UBI and non-UBI images were published on https://hub.docker.com/r/vjesu5/tornjak-backend-ubi and https://hub.docker.com/r/vjesu5/tornjak-backend respectively.

I've just tested this end-to-end by navigating through the UI application. I'm unsure how effective the test was to ensure that my changes (path renames) didn't break the application behavior.

If you have any additional concerns or backend prints you may require, please let me know.

This Pull Request description was updated based on what was changed in fact.