diff --git a/deploy/kubernetes/api-deployment.yaml b/deploy/kubernetes/api-deployment.yaml index 1679d18..3514693 100644 --- a/deploy/kubernetes/api-deployment.yaml +++ b/deploy/kubernetes/api-deployment.yaml @@ -40,9 +40,9 @@ spec: value: "production" resources: limits: - memory: "240Mi" + memory: "200Mi" cpu: "200m" requests: ephemeral-storage: "100Mi" - memory: "240Mi" + memory: "200Mi" cpu: "200m" \ No newline at end of file diff --git a/production/api/app/app_settings.py b/production/api/app/app_settings.py index 9f54f17..362dd76 100644 --- a/production/api/app/app_settings.py +++ b/production/api/app/app_settings.py @@ -13,6 +13,8 @@ class AppSettings: url_slimfaas: str server_host: str server_port: int + oidc_issuer: Optional[str] = None + oidc_authority: Optional[str] = "true" class Settings: diff --git a/production/api/app/main.py b/production/api/app/main.py index aeb005c..263dc75 100644 --- a/production/api/app/main.py +++ b/production/api/app/main.py @@ -133,6 +133,16 @@ async def health(): if __name__ == "__main__": import uvicorn + from oidc.authentication_middleware import authentication_middleware, XHttpServiceGet app_settings = app_settings_factory_get() + if app_settings.oidc_enable == "true": + exclude_urls = ["/health", "/version", "/metrics", "/docs", "/openapi_json"] + app.add_middleware(authentication_middleware( + app_settings.oidc_authority, + ["api"], + "api", + exclude_urls, + XHttpServiceGet(http_service_factory_get().get_http_async_client()) + )) uvicorn.run(app, host=app_settings.server_host, port=app_settings.server_port) diff --git a/production/ia-worker/app/oidc/authentication.py b/production/api/app/oidc/authentication.py similarity index 100% rename from production/ia-worker/app/oidc/authentication.py rename to production/api/app/oidc/authentication.py diff --git a/production/ia-worker/app/oidc/authentication_middleware.py b/production/api/app/oidc/authentication_middleware.py similarity index 100% rename from production/ia-worker/app/oidc/authentication_middleware.py rename to production/api/app/oidc/authentication_middleware.py diff --git a/production/api/app/settings.development.json b/production/api/app/settings.development.json index 779148d..f4e9361 100644 --- a/production/api/app/settings.development.json +++ b/production/api/app/settings.development.json @@ -3,5 +3,7 @@ "redis_port": 6379, "url_slimfaas": "http://slimfaas:5000", "server_host": "localhost", - "server_port": 8000 + "server_port": 8000, + "oidc_authority": "https://demo.duendesoftware.com", + "oidc_enable" : true } \ No newline at end of file diff --git a/production/api/app/settings.json b/production/api/app/settings.json index 72fae84..87799f8 100644 --- a/production/api/app/settings.json +++ b/production/api/app/settings.json @@ -3,5 +3,7 @@ "redis_port": 6379, "url_slimfaas": "http://slimfaas:5000", "server_host": "0.0.0.0", - "server_port": 8000 + "server_port": 8000, + "oidc_authority": "https://demo.duendesoftware.com", + "oidc_enable" : true } \ No newline at end of file diff --git a/production/api/app/settings.production.json b/production/api/app/settings.production.json index 72fae84..87799f8 100644 --- a/production/api/app/settings.production.json +++ b/production/api/app/settings.production.json @@ -3,5 +3,7 @@ "redis_port": 6379, "url_slimfaas": "http://slimfaas:5000", "server_host": "0.0.0.0", - "server_port": 8000 + "server_port": 8000, + "oidc_authority": "https://demo.duendesoftware.com", + "oidc_enable" : true } \ No newline at end of file diff --git a/production/ia-worker/app/app_settings.py b/production/ia-worker/app/app_settings.py index 7a0f85c..9f54f17 100644 --- a/production/ia-worker/app/app_settings.py +++ b/production/ia-worker/app/app_settings.py @@ -13,9 +13,6 @@ class AppSettings: url_slimfaas: str server_host: str server_port: int - oidc_issuer: Optional[str] = None - oidc_authority: Optional[str] = "true" - class Settings: diff --git a/production/ia-worker/app/main.py b/production/ia-worker/app/main.py index 2a7d16c..2ac1de7 100644 --- a/production/ia-worker/app/main.py +++ b/production/ia-worker/app/main.py @@ -155,16 +155,6 @@ async def health(): if __name__ == "__main__": import uvicorn - from oidc.authentication_middleware import authentication_middleware, XHttpServiceGet app_settings = app_settings_factory_get() - if app_settings.oidc_enable == "true": - exclude_urls = ["/health", "/version", "/metrics", "/docs", "/openapi_json"] - app.add_middleware(authentication_middleware( - app_settings.oidc_authority, - ["api"], - "api", - exclude_urls, - XHttpServiceGet(http_service_factory_get().get_http_async_client()) - )) uvicorn.run(app, host=app_settings.server_host, port=app_settings.server_port) diff --git a/production/ia-worker/app/settings.development.json b/production/ia-worker/app/settings.development.json index f4e9361..779148d 100644 --- a/production/ia-worker/app/settings.development.json +++ b/production/ia-worker/app/settings.development.json @@ -3,7 +3,5 @@ "redis_port": 6379, "url_slimfaas": "http://slimfaas:5000", "server_host": "localhost", - "server_port": 8000, - "oidc_authority": "https://demo.duendesoftware.com", - "oidc_enable" : true + "server_port": 8000 } \ No newline at end of file diff --git a/production/ia-worker/app/settings.json b/production/ia-worker/app/settings.json index 87799f8..72fae84 100644 --- a/production/ia-worker/app/settings.json +++ b/production/ia-worker/app/settings.json @@ -3,7 +3,5 @@ "redis_port": 6379, "url_slimfaas": "http://slimfaas:5000", "server_host": "0.0.0.0", - "server_port": 8000, - "oidc_authority": "https://demo.duendesoftware.com", - "oidc_enable" : true + "server_port": 8000 } \ No newline at end of file diff --git a/production/ia-worker/app/settings.production.json b/production/ia-worker/app/settings.production.json index 87799f8..72fae84 100644 --- a/production/ia-worker/app/settings.production.json +++ b/production/ia-worker/app/settings.production.json @@ -3,7 +3,5 @@ "redis_port": 6379, "url_slimfaas": "http://slimfaas:5000", "server_host": "0.0.0.0", - "server_port": 8000, - "oidc_authority": "https://demo.duendesoftware.com", - "oidc_enable" : true + "server_port": 8000 } \ No newline at end of file