Skip to content

feat: standalone installer & env var prefix standardization #83

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
MZC-CSC merged 12 commits into from
May 26, 2026
Merged

feat: standalone installer & env var prefix standardization #83

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
12 commits
Select commit Hold shift + click to select a range
fe80d75
feat(env): standardize env var names to MC_<FRAMEWORK>_ prefix (IAM-T…
dogfootman May 21, 2026
51a1aca
Merge pull request #103 from MZC-CSC/feat-iam-env-prefix-001
MZC-CSC May 21, 2026
f7b610e
feat: add installAll.sh bootstrap for standalone docker operation
dogfootman May 22, 2026
1b82f65
fix(docker-compose): remove tool/mcc bind mount and replace with nati…
dogfootman May 23, 2026
63d3d4f
fix(docker-compose): route mc-web-console-front through nginx on port…
dogfootman May 23, 2026
c24f85a
fix(docker-compose): use MC_WEB_CONSOLE_ prefixed env vars for front …
dogfootman May 23, 2026
ab9a436
fix(prod): fix chicken-and-egg cert issuance and update data configs
dogfootman May 23, 2026
2c0d337
feat: add clearAll.sh for container stop and full reset
dogfootman May 23, 2026
89bfdd4
docs: add clearAll.sh usage to DOCKER_README
dogfootman May 23, 2026
fe5a9cd
fix(clearAll): restore tracked .env to git defaults instead of deleting
dogfootman May 23, 2026
b34e7dc
merge: resolve api.yaml conflict with develop (add listUser*/updateCs…
dogfootman May 23, 2026
10ff935
Merge pull request #104 from MZC-CSC/feat-iam-standalone-installer
dogfootman May 23, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
17 changes: 9 additions & 8 deletions .env.setup
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,5 @@
# Common Use case
COMPOSE_PROJECT_NAME=mc-iam-manager
HEALTH_CHECK_INTERVAL=1m
HEALTH_CHECK_TIMEOUT=5s
HEALTH_CHECK_RETRIES=3
Expand Down Expand Up @@ -45,9 +46,9 @@ DEFAULT_LANGUAGE=ko # [ko|en] Default is ko if not set
MODE=standalone # [standalone|docker] both are same.

## Resources Permission MODE
USE_TICKET_VALID=true # [true|false]
MC_IAM_MANAGER_USE_TICKET_VALID=true # [true|false]

MCADMINCLI_APIYAML=https://raw.githubusercontent.com/m-cmp/mc-admin-cli/refs/heads/main/conf/api.yaml
MC_ADMIN_CLI_APIYAML=https://raw.githubusercontent.com/m-cmp/mc-admin-cli/refs/heads/main/conf/api.yaml
MC_WEB_CONSOLE_MENUYAML=https://raw.githubusercontent.com/m-cmp/mc-web-console/refs/heads/main/conf/webconsole_menu_resources.yaml
MC_WEB_CONSOLE_MENU_PERMISSIONS=https://raw.githubusercontent.com/m-cmp/mc-web-console/refs/heads/main/conf/webconsole_menu_permissions.csv

Expand All @@ -59,7 +60,7 @@ MC_IAM_MANAGER_PLATFORMADMIN_LASTNAME=iammanager
MC_IAM_MANAGER_PLATFORMADMIN_EMAIL=iammanager@cloud-barista.org

PREDEFINED_ROLE=admin,operator,viewer,billadmin,billviewer
PREDEFINED_PLATFORM_ROLE=admin,operator,viewer,billadmin,billviewer
MC_IAM_MANAGER_PREDEFINED_PLATFORM_ROLE=admin,operator,viewer,billadmin,billviewer
PREDEFINED_WORKSPACE_ROLE=admin,operator,viewer,billadmin,billviewer

MC_IAM_MANAGER_KEYCLOAK_CLIENT_NAME=mciamClient
Expand Down Expand Up @@ -124,11 +125,11 @@ MCINFRAMANAGER_APIUSERNAME=spider
MCINFRAMANAGER_APIPASSWORD=spider

## Default Workspace
DEFAULT_WORKSPACE_NAME=ws01
MC_IAM_MANAGER_DEFAULT_WORKSPACE_NAME=ws01

TEMPORARY_SECURITY_CREDENTIALS_ENDPOINT_AWS=https://sts.amazonaws.com
AWS_ACCOUNT_ID=notyet
CSP_ROLE_PREFIX=mciam
IDENTITY_PROVIDER_ARN_AWS=arn:aws:iam::${AWS_ACCOUNT_ID}:oidc-provider/${MC_IAM_MANAGER_KEYCLOAK_EXTERNAL_DOMAIN}/auth/realms/${MC_IAM_MANAGER_KEYCLOAK_OIDC_CLIENT_NAME}
IDENTITY_ROLE_ARN_AWS=arn:aws:iam::${AWS_ACCOUNT_ID}:role/${CSP_ROLE_PREFIX}-platformadmin
MC_IAM_MANAGER_AWS_ACCOUNT_ID=notyet
MC_IAM_MANAGER_CSP_ROLE_PREFIX=mciam
MC_IAM_MANAGER_AWS_IDENTITY_PROVIDER_ARN=arn:aws:iam::${MC_IAM_MANAGER_AWS_ACCOUNT_ID}:oidc-provider/${MC_IAM_MANAGER_KEYCLOAK_EXTERNAL_DOMAIN}/auth/realms/${MC_IAM_MANAGER_KEYCLOAK_OIDC_CLIENT_NAME}
MC_IAM_MANAGER_AWS_IDENTITY_ROLE_ARN=arn:aws:iam::${MC_IAM_MANAGER_AWS_ACCOUNT_ID}:role/${MC_IAM_MANAGER_CSP_ROLE_PREFIX}-platformadmin
MC_IAM_MANAGER_HOST=http://localhost:5005
20 changes: 10 additions & 10 deletions .env_sample
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -38,11 +38,11 @@ DEFAULT_LANGUAGE=ko # [ko|en] Default is ko if not set
MODE=standalone # [standalone|docker] both are same.

## Resources Permission MODE
USE_TICKET_VALID=true # [true|false]
MC_IAM_MANAGER_USE_TICKET_VALID=true # [true|false]

MCADMINCLI_APIYAML=https://raw.githubusercontent.com/m-cmp/mc-admin-cli/refs/heads/main/conf/api.yaml
MCWEBCONSOLE_MENUYAML=https://raw.githubusercontent.com/m-cmp/mc-web-console/refs/heads/main/conf/webconsole_menu_resources.yaml
MCWEBCONSOLE_MENU_PERMISSIONS=https://raw.githubusercontent.com/m-cmp/mc-web-console/refs/heads/main/conf/webconsole_menu_permissions.csv
MC_ADMIN_CLI_APIYAML=https://raw.githubusercontent.com/m-cmp/mc-admin-cli/refs/heads/main/conf/api.yaml
MC_WEB_CONSOLE_MENUYAML=https://raw.githubusercontent.com/m-cmp/mc-web-console/refs/heads/main/conf/webconsole_menu_resources.yaml
MC_WEB_CONSOLE_MENU_PERMISSIONS=https://raw.githubusercontent.com/m-cmp/mc-web-console/refs/heads/main/conf/webconsole_menu_permissions.csv


MC_IAM_MANAGER_PLATFORMADMIN_ID=mcmp
Expand All @@ -52,7 +52,7 @@ MC_IAM_MANAGER_PLATFORMADMIN_LASTNAME=iammanager
MC_IAM_MANAGER_PLATFORMADMIN_EMAIL=iammanager@cloud-barista.org

PREDEFINED_ROLE=admin,operator,viewer,billadmin,billviewer
PREDEFINED_PLATFORM_ROLE=admin,operator,viewer,billadmin,billviewer
MC_IAM_MANAGER_PREDEFINED_PLATFORM_ROLE=admin,operator,viewer,billadmin,billviewer
PREDEFINED_WORKSPACE_ROLE=admin,operator,viewer,billadmin,billviewer

MC_IAM_MANAGER_KEYCLOAK_CLIENT_NAME=mciamClient
Expand Down Expand Up @@ -94,13 +94,13 @@ MCINFRAMANAGER_APIUSERNAME=default
MCINFRAMANAGER_APIPASSWORD=default

## Default Workspace
DEFAULT_WORKSPACE_NAME=ws01
MC_IAM_MANAGER_DEFAULT_WORKSPACE_NAME=ws01

TEMPORARY_SECURITY_CREDENTIALS_ENDPOINT_AWS=https://sts.amazonaws.com
AWS_ACCOUNT_ID=notyet
CSP_ROLE_PREFIX=mciam
IDENTITY_PROVIDER_ARN_AWS=arn:aws:iam::${AWS_ACCOUNT_ID}:oidc-provider/${MC_IAM_MANAGER_KEYCLOAK_EXTERNAL_DOMAIN}/auth/realms/${MC_IAM_MANAGER_KEYCLOAK_OIDC_CLIENT_NAME}
IDENTITY_ROLE_ARN_AWS=arn:aws:iam::${AWS_ACCOUNT_ID}:role/${CSP_ROLE_PREFIX}-platformadmin
MC_IAM_MANAGER_AWS_ACCOUNT_ID=notyet
MC_IAM_MANAGER_CSP_ROLE_PREFIX=mciam
MC_IAM_MANAGER_AWS_IDENTITY_PROVIDER_ARN=arn:aws:iam::${MC_IAM_MANAGER_AWS_ACCOUNT_ID}:oidc-provider/${MC_IAM_MANAGER_KEYCLOAK_EXTERNAL_DOMAIN}/auth/realms/${MC_IAM_MANAGER_KEYCLOAK_OIDC_CLIENT_NAME}
MC_IAM_MANAGER_AWS_IDENTITY_ROLE_ARN=arn:aws:iam::${MC_IAM_MANAGER_AWS_ACCOUNT_ID}:role/${MC_IAM_MANAGER_CSP_ROLE_PREFIX}-platformadmin

# SAML Client ID (CSP별 Keycloak SAML 클라이언트 ID)
SAML_CLIENT_ID_AWS=urn:amazon:webservices
Expand Down
Loading
Loading