From c1c2fbf213a60f0855d9aeee4f360384435165ef Mon Sep 17 00:00:00 2001 From: Ryan Kelly Date: Mon, 6 Jul 2020 13:47:11 +1000 Subject: [PATCH 1/5] Make a dev environment for Account Ecosystem Telemetry --- aws/environments/aet.yml | 12 ++++++++++++ roles/oauth/templates/config.json.j2 | 4 +++- 2 files changed, 15 insertions(+), 1 deletion(-) create mode 100644 aws/environments/aet.yml diff --git a/aws/environments/aet.yml b/aws/environments/aet.yml new file mode 100644 index 00000000..0e99ee2a --- /dev/null +++ b/aws/environments/aet.yml @@ -0,0 +1,12 @@ +--- +region: us-west-2 +subdomain: aet.dev +hosted_zone: lcip.org +ssl_certificate_arn: arn:aws:acm:us-west-2:927034868273:certificate/74e4edea-7418-40d5-9f6f-3a76fdf44341 + +owner: "rfkelly@mozilla.com" +reaper_spare_me: "true" + +content_docker_tag: dockerpush.aet +profile_docker_tag: dockerpush.aet +fxadev_git_version: aet-dev-environment diff --git a/roles/oauth/templates/config.json.j2 b/roles/oauth/templates/config.json.j2 index 5f848ce5..a7418c6b 100644 --- a/roles/oauth/templates/config.json.j2 +++ b/roles/oauth/templates/config.json.j2 @@ -188,7 +188,9 @@ "imageUri": "{{ oauth_public_url }}/img/logo@2x.png", "redirectUri": "urn:ietf:wg:oauth:2.0:oob", "trusted": true, - "canGrant": true + "publicClient": true, + "canGrant": true, + "allowedScopes": "https://identity.mozilla.com/apps/oldsync https://identity.mozilla.com/tokens/session" }, { "id": "3332a18d142636cb", From 0c31cf626dd7a38f29a2ae1adcdd83c6d70fbdce Mon Sep 17 00:00:00 2001 From: Ryan Kelly Date: Wed, 29 Jul 2020 18:03:40 +1000 Subject: [PATCH 2/5] Pin auth version --- aws/docker-pull.sh | 1 - aws/environments/aet.yml | 1 + 2 files changed, 1 insertion(+), 1 deletion(-) diff --git a/aws/docker-pull.sh b/aws/docker-pull.sh index 7e6da69e..ff39434a 100755 --- a/aws/docker-pull.sh +++ b/aws/docker-pull.sh @@ -9,7 +9,6 @@ IMAGES=( mozilla/fxa-auth-server mozilla/fxa-content-server mozilla/fxa-customs-server - mozilla/fxa-oauth-server mozilla/syncserver mozilla/fxa-profile-server mozilla/pushbox diff --git a/aws/environments/aet.yml b/aws/environments/aet.yml index 0e99ee2a..faaeffa5 100644 --- a/aws/environments/aet.yml +++ b/aws/environments/aet.yml @@ -7,6 +7,7 @@ ssl_certificate_arn: arn:aws:acm:us-west-2:927034868273:certificate/74e4edea-741 owner: "rfkelly@mozilla.com" reaper_spare_me: "true" +auth_docker_tag: v1.178.0 content_docker_tag: dockerpush.aet profile_docker_tag: dockerpush.aet fxadev_git_version: aet-dev-environment From f34ce81a5ff4f071ef98143852fcbcba41ac4235 Mon Sep 17 00:00:00 2001 From: Ryan Kelly Date: Thu, 30 Jul 2020 09:53:21 +1000 Subject: [PATCH 3/5] Try using latest code --- aws/environments/aet.yml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/aws/environments/aet.yml b/aws/environments/aet.yml index faaeffa5..6ea3a087 100644 --- a/aws/environments/aet.yml +++ b/aws/environments/aet.yml @@ -7,7 +7,6 @@ ssl_certificate_arn: arn:aws:acm:us-west-2:927034868273:certificate/74e4edea-741 owner: "rfkelly@mozilla.com" reaper_spare_me: "true" -auth_docker_tag: v1.178.0 -content_docker_tag: dockerpush.aet -profile_docker_tag: dockerpush.aet +content_docker_tag: latest +profile_docker_tag: latest fxadev_git_version: aet-dev-environment From 8cb7f84174d927f5932a1199631562f03571e5ea Mon Sep 17 00:00:00 2001 From: Ryan Kelly Date: Fri, 31 Jul 2020 16:19:08 +1000 Subject: [PATCH 4/5] Update aet env to latest main (with fixes) --- aws/environments/aet.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/aws/environments/aet.yml b/aws/environments/aet.yml index 6ea3a087..ea1b826f 100644 --- a/aws/environments/aet.yml +++ b/aws/environments/aet.yml @@ -7,6 +7,5 @@ ssl_certificate_arn: arn:aws:acm:us-west-2:927034868273:certificate/74e4edea-741 owner: "rfkelly@mozilla.com" reaper_spare_me: "true" -content_docker_tag: latest -profile_docker_tag: latest +auth_docker_tag: dockerpush.aet fxadev_git_version: aet-dev-environment From f2a1d882450cfaf613f6954248c88bc770f6d5d5 Mon Sep 17 00:00:00 2001 From: Ryan Kelly Date: Fri, 31 Jul 2020 17:17:32 +1000 Subject: [PATCH 5/5] Add config for ecosystem keys file --- roles/content/tasks/main.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/roles/content/tasks/main.yml b/roles/content/tasks/main.yml index 1c574994..7592e54a 100644 --- a/roles/content/tasks/main.yml +++ b/roles/content/tasks/main.yml @@ -55,6 +55,7 @@ ANSIBLE_RESTART_FIVE: 'true' SCOPED_KEYS_VALIDATION: "{{ content_scoped_keys_validation }}" ALLOWED_METRICS_FLOW_ORIGINS: "null,http://localhost:8001,http://localhost:8000,http://localhost:8000,https://www.mozilla.org,https://www.allizom.org,https://www-demo5.allizom.org,https://www-demo4.allizom.org,https://www-demo3.allizom.org,https://www-dev.allizom.org,https://fx-breach-alerts.herokuapp.com,https://monitor-v2.herokuapp.com" + ECOSYSTEM_ANON_ID_KEYS_FILE: "/tmp/ecosystem_keys.json" register: container - debug: var=container