feat: standalone installer & env var prefix standardization#83
Merged
Conversation
…ECH-001) Align os.Getenv call arguments in Go source with the MC_<FRAMEWORK>_* naming rule adopted by mc-admin-cli (ADMINCLI-TECH-001). Changed variables (8 kinds, 11 call sites + error messages): - PREDEFINED_PLATFORM_ROLE → MC_IAM_MANAGER_PREDEFINED_PLATFORM_ROLE - DEFAULT_WORKSPACE_NAME → MC_IAM_MANAGER_DEFAULT_WORKSPACE_NAME - AWS_ACCOUNT_ID → MC_IAM_MANAGER_AWS_ACCOUNT_ID - IDENTITY_PROVIDER_ARN_AWS → MC_IAM_MANAGER_AWS_IDENTITY_PROVIDER_ARN - IDENTITY_ROLE_ARN_AWS → MC_IAM_MANAGER_AWS_IDENTITY_ROLE_ARN - MCADMINCLI_APIYAML → MC_ADMIN_CLI_APIYAML - MCWEBCONSOLE_MENUYAML → MC_WEB_CONSOLE_MENUYAML (fixes active mismatch with mc-admin-cli .env) - MCWEBCONSOLE_PERMISSIONCSV → MC_WEB_CONSOLE_MENU_PERMISSIONS (fixes active mismatch) Also synced: - Error message strings inside csp_role_service.go - Comments and log messages in menu_service.go, admin_handler.go, project_service.go - Swagger description in menu_handler.go and generated docs - .env_sample, .env.setup variable names and inter-variable references - docker-compose-dev.yaml environment key names (USE_TICKET_VALID, AWS_ACCOUNT_ID, CSP_ROLE_PREFIX) Merge order dependency: this PR must be merged and the image rebuilt before mc-admin-cli ADMINCLI-TECH-001 PR is merged. Notion: mc-iam-ep-연계프레임워크연동안정화/003_환경변수prefix표준화 (IAM-TECH-001)
feat(env): standardize env var prefix to MC_<FRAMEWORK>
Introduces installAll.sh at repo root to provide the same bootstrap UX as mc-admin-cli (env sync, preset scripts, docker compose up, container health monitoring) without requiring the mcc Go binary. Key changes: - installAll.sh: supports -m dev|prod, -d <domain>, -r log|background|skip flags; replaces `mcc infra run` with direct `docker compose` calls; EXPECTED_CONTAINERS updated to the 13 services in this repo - .env.setup: add COMPOSE_PROJECT_NAME=mc-iam-manager to pin project name - Dockerfile.mciammanager: narrow COPY asset to explicit subdirs (mcmpapi/menu/organization), excluding the now-removed asset/setup/ - asset/setup/: removed (superseded by canonical conf/mc-iam-manager/ scripts) - DOCKER_README.md: rewritten to reflect current service list and new installAll.sh entrypoint; removes stale references to 0_preset_create_nginx_conf.sh and docker-compose.all.yaml
…ve health checks - Remove all ./tool/mcc:/app/tool/mcc volume mounts from 7 services (mcc is a docker compose wrapper and should not run inside containers) - Replace mcc-based health checks with native tools: - mc-infra-connector: curl -f - mc-iam-manager-kc: bash /dev/tcp (no wget/curl in Keycloak image) - mc-web-console-api: bash /dev/tcp (no wget/curl in Go image) - Add conf/mc-iam-manager/0_preset_local.sh for localhost (plain HTTP) preset (was missing, causing installAll.sh -m dev -d localhost to fail)
… 3001 - Add MC_WEB_CONSOLE_FRONT_PORT to nginx port bindings (was missing) so https://<ip>:3001 is proxied by nginx with SSL - Remove direct host port binding from mc-web-console-front (nginx handles the external exposure) - Add front port URI to Keycloak mciamClient redirectUris in 1_setup_auto.sh so OAuth callback to https://<ip>:3001/* is allowed
…container The mc-web-console-front binary reads MC_WEB_CONSOLE_API_ADDR / MC_WEB_CONSOLE_API_PORT (not API_ADDR / API_PORT). Without the prefix, the binary fell back to localhost:3000, causing 500 on all /api/* proxy calls.
- installAll.sh prod mode: start nginx in HTTP-only mode before running certbot so the ACME challenge can be served via webroot; reload nginx with SSL config after cert is issued - docker-compose.cert.yaml: switch to webroot mode (was standalone which conflicts with running nginx), fix volume path and env var names (MC_IAM_MANAGER_PUBLIC_DOMAIN / MC_IAM_MANAGER_CERT_EMAIL), add mc-iam-manager-network so certbot can reach nginx - conf/mc-iam-manager/menu.yaml: add Menus under organizations, add CSP Accounts under cloudsps, update isaction flags - conf/mc-iam-manager/api.yaml: sync API resource definitions
feat: standalone Docker installer with installAll.sh bootstrap
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
MC_<FRAMEWORK>_prefix 형태로 표준화 (IAM-TECH-001)installAll.sh추가 — standalone docker 부트스트랩 진입점clearAll.sh추가 — 컨테이너 중단 및 전체 리셋 스크립트DOCKER_README에clearAll.sh사용법 추가Test plan
installAll.sh실행 후 모든 컨테이너 정상 기동 확인clearAll.sh실행 후 컨테이너 중단 및.env복원 확인MC_IAM_,MC_WEB_CONSOLE_prefix 정상 인식 확인