Skip to content

Commit

Permalink
pull config from AppConfig if APP_ID is not empty
Browse files Browse the repository at this point in the history
  • Loading branch information
briskt committed Mar 27, 2024
1 parent 2780dad commit 7f4d810
Show file tree
Hide file tree
Showing 4 changed files with 46 additions and 3 deletions.
5 changes: 4 additions & 1 deletion Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -19,4 +19,7 @@ COPY application/ /data/
RUN chown -R www-data:www-data \
console/runtime/

CMD ["/data/yii", "batch/full"]
ADD https://github.com/silinternational/config-shim/releases/latest/download/config-shim.gz config-shim.gz
RUN gzip -d config-shim.gz && chmod 755 config-shim && mv config-shim /usr/local/bin

CMD ["/data/run.sh"]
22 changes: 20 additions & 2 deletions README.md
Original file line number Diff line number Diff line change
@@ -1,8 +1,26 @@
# IdP ID Sync
Tool to synchronize user records between the ID Broker and an ID Store

## Configuration files
Copy ```local.env.dist``` to ```local.env``` and supply any necessary values.
## Configuration
By default, configuration is read from environment variables documented in the `local.env.dist`
file. Copy this file to `local.env` and supply any necessary values.

Optionally, you can define configuration in AWS AppConfig. To do this, set the following
environment variables to point to the configuration in AWS:

* `AWS_REGION` - the AWS region in use
* `APP_ID` - the application ID or name
* `CONFIG_ID` - the configuration profile ID or name
* `ENV_ID` - the environment ID or name

In addition, the AWS API requires authentication. It is best to use an access role
such as an [ECS Task Role](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-iam-roles.html).
If that is not an option, you can specify an access token using the `AWS_ACCESS_KEY_ID` and
`AWS_SECRET_ACCESS_KEY` variables.

The content of the configuration profile takes the form of a typical .env file, using
`#` for comments and `=` for variable assignment. Any variables read from AppConfig
will overwrite variables set in the execution environment.

## Testing

Expand Down
7 changes: 7 additions & 0 deletions application/run.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
#!/usr/bin/env bash

if [[ -z "${APP_ID}" ]]; then
/data/yii batch/full
else
config-shim --app $APP_ID --config $CONFIG_ID --env $ENV_ID /data/yii batch/full
fi
15 changes: 15 additions & 0 deletions local.env.dist
Original file line number Diff line number Diff line change
Expand Up @@ -71,6 +71,21 @@ ID_STORE_ADAPTER=

### Optional ENV vars ###

# === AWS AppConfig (optional) ===

# The AWS region in use
#AWS_REGION=

# The AppConfig Application ID (or name)
#APP_ID=

# The AppConfig Configuration Profile ID (or name)
#CONFIG_ID=

# The AppConfig Environment ID (or name)
#ENV_ID=


# Where to email error logs.
#ALERTS_EMAIL=

Expand Down

0 comments on commit 7f4d810

Please sign in to comment.