GlueOps/autoglue
1
0
Fork 0
mirror of https://github.com/GlueOps/autoglue.git synced 2026-02-13 04:40:05 +01:00
Code Issues Packages Projects Releases Wiki Activity

chore: create README.md

Browse Source
This commit is contained in:
allanice001
2025-11-02 23:12:55 +00:00
parent 55689084b9
commit 5591200d0f
1 changed files with 145 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

162
README.md
View File

@@ -1,26 +1,154 @@
# Autoglue # Autoglue
## Before modifying anything ## Setup Env
this repo uses git subtree create .env file:
Subtree is like “vendor the files” with the option to push/pull history, but it behaves like normal files in the parent—no detached HEADs, no separate checkout. ```
DB_USER=autoglue
DB_PASSWORD=autoglue
DB_NAME=autoglue
- Main repo: github.com/glueops/autoglue BIND_ADDRESS=127.0.0.1
- SDK repo: github.com/glueops/autoglue-sdk-go BIND_PORT=8080
- SDK Path in main: sdk/go/
```bash DATABASE_URL=postgres://autoglue:autoglue@localhost:5432/autoglue
# one-time: add the external repo as a subtree living at sdk/go/
git remote add sdk-origin git@github.com:glueops/autoglue-sdk-go.git # Used to switch between dev proxy and spa handler
git subtree add --prefix=sdk/go sdk-origin main --squash # dev proxy - proxy binds port 5173 (vite) to BIND_PORT at /
# spa handler - requires ui build and serves embedded from build result
UI_DEV=true
# in development - removes hsts in security middleware, any other value - hsts gets enabled
ENV=development
# Enables or disables /debug/pprof
DEBUG=true
# Enables or disables embedded swagger ui
SWAGGER=true
JWT_ISSUER=http://localhost:8080
JWT_AUDIENCE=autoglue-ui
# optional - 32 bytes base64url (no padding); use only if you want to encrypt private PEM in DB
# openssl rand -base64 32 | tr '+/' '-_' | tr -d '='
JWT_PRIVATE_ENC_KEY=IQp53NFkJvbfgLgZc-wo1CNLYRndJA-g5u13HFAn4rI
OAUTH_REDIRECT_BASE=http://localhost:8080
GOOGLE_CLIENT_ID=742299367132-na2i6spu7doukkqtk52vcqd6p94ijupi.apps.googleusercontent.com
GOOGLE_CLIENT_SECRET=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
#GITHUB_CLIENT_ID=...
#GITHUB_CLIENT_SECRET=...
``` ```
After changes in the API: ## Bring up Database:
```bash
docker compose up -d
```
## Generate JWT tokens used for auth in the DB
Private Key is encrypted by `JWT_PRIVATE_ENC_KEY`
If this is not set, the private key is stored in plain text in the DB - its never exposed at any rate
```bash
go run . keys generate
```
## Generate master encryption key
The master encryption key is used to generate the org encryption keys - without it there will be failures
```bash
go run . encrypt create-master
```
## Ensure your swagger and SDKs are up to date with the api spec
```bash ```bash
# Regenerate Swagger
make swagger make swagger
# Regenerate all SDKs - this includes the go and typescript SDKs, as well as the vendored TS SDK consumed by UI
make sdk-all make sdk-all
# update SDK repo from main (after regeneration)
git subtree push --prefix=sdk/go sdk-origin main
``` ```
## Build terraform provider
Currently, the terraform provider consumes the go sdk through an alias
Once the SDK is published to its own repo, the alias can be removed. but this is why its imperative to ensure the SDK is up to date
The command below builds the provider binary, and installs it where terraform expects it to be placed if it were downloaded from a registry
```bash
cd terraform-provider-autoglue
make dev
```
## See UI & terraform in action
From the project root
## UI & API - required for the terraform
Start the API & UI (the env embeds it with a dev proxy)
if you witness a failure here, run `make ui`
This is most likely the SPA handler trying to embed ui files that dont exist
```bash
go run .
```
From your GLUEOPS profiled browser - http://localhost:8080
Login - this is restricted to glueops.dev at the minute (in google workspace settings - outside of the API)
Create your org (http://localhost:8080/me) - you should be redirected here after initial login
Once you have an org - create a set of api keys for your org:
They will be in the format of:
```text
Org Key: org_lnJwmyyWH7JC-JgZo5v3Kw
Org Secret: fqd9yebGMfK6h5HSgWn4sXrwr9xlFbvbIYtNylRElMQ
```
use them in terraform/envs/dev/terraform.tfvars
in my example here, i also create ssh keys in my example:
```terraform
org_key = "org_lnJwmyyWH7JC-JgZo5v3Kw"
org_secret = "fqd9yebGMfK6h5HSgWn4sXrwr9xlFbvbIYtNylRElMQ"
ssh_keys = {
bastionKey = {
name = "Bastion Key"
comment = "deploy@autoglue"
type = "rsa"
bits = 4096
enable_download = true
download_part = "both"
download_dir = "out/bastionKey"
}
clusterKey = {
name = "Cluster Key"
comment = "bastion@autoglue"
type = "ed25519" # bits ignored
enable_download = true
download_part = "both"
download_dir = "out/clusterKey"
}
}
```
explore `main.tf` for how the module ssh-keys module is used
also you will see there how to create servers using the servers module
in `terraform/envs/dev`
```bash
rm -rf .terraform*
tofu init -upgrade
tofu plan
tofu apply -auto-approve
```
If everything went to plan, you'll have an `out` directory containting 2 zip file - one for each of the ssh keys
In the UI you will also see the SSH Keys on its page,
you will also see the servers created on its page.
## <span style="color:red">WARNING</span>
<span style="color:red">!!!!Terraform destroy deletes the keys from the api as well as deletes the local files!!!!</span>
```bash
tofu destroy -auto-approve
```