chore(cloud-native)!: remove couchbase support from OCI images (#1885)

Signed-off-by: iromli <[email protected]>
Co-authored-by: Mohammad Abudayyeh <[email protected]>

Author: iromli

docker-admin-ui/Dockerfile

@@ -20,7 +20,7 @@ EXPOSE 8080
 # Assets sync
 # ===========
 
-ENV JANS_SOURCE_VERSION=6e00e723a99d700a4f82713b0c25b2d6e3ef5775
+ENV JANS_SOURCE_VERSION=871c36da8a2550ee2febd7c0d72c521898b226c3
 ARG JANS_SETUP_DIR=jans-linux-setup/jans_setup
 
 # note that as we're pulling from a monorepo (with multiple project in it)
@@ -137,17 +137,7 @@ ENV CN_SECRET_ADAPTER=vault \
 # ===============
 
 ENV CN_PERSISTENCE_TYPE=sql \
-    CN_HYBRID_MAPPING="{}" \
-    CN_COUCHBASE_URL=localhost \
-    CN_COUCHBASE_USER=admin \
-    CN_COUCHBASE_CERT_FILE=/etc/certs/couchbase.crt \
-    CN_COUCHBASE_CONN_TIMEOUT=10000 \
-    CN_COUCHBASE_CONN_MAX_WAIT=20000 \
-    CN_COUCHBASE_SCAN_CONSISTENCY=not_bounded \
-    CN_COUCHBASE_BUCKET_PREFIX=jans \
-    CN_COUCHBASE_TRUSTSTORE_ENABLE=true \
-    CN_COUCHBASE_KEEPALIVE_INTERVAL=30000 \
-    CN_COUCHBASE_KEEPALIVE_TIMEOUT=2500
+    CN_HYBRID_MAPPING="{}"
 
 # ===========
 # Generic ENV

docker-admin-ui/README.md

@@ -63,19 +63,8 @@ The following environment variables are supported by the container:
 - `CN_TOKEN_SERVER_USERINFO_ENDPOINT`: User info endpoint at token server (default to `/jans-auth/restv1/userinfo`).
 - `CN_TOKEN_SERVER_CLIENT_ID`: Client ID registered at token server.
 - `CN_TOKEN_SERVER_CERT_FILE`: Path to token server certificate (default to `/etc/certs/token_server.crt`).
-- `CN_PERSISTENCE_TYPE`: Persistence backend being used (one of `sql`, `couchbase`, or `hybrid`; default to `sql`).
+- `CN_PERSISTENCE_TYPE`: Persistence backend being used (one of `sql` or `hybrid`; default to `sql`).
 - `CN_HYBRID_MAPPING`: Specify data mapping for each persistence (default to `"{}"`). Note this environment only takes effect when `CN_PERSISTENCE_TYPE` is set to `hybrid`. See [hybrid mapping](#hybrid-mapping) section for details.
-- `CN_COUCHBASE_URL`: Address of Couchbase server (default to `localhost`).
-- `CN_COUCHBASE_USER`: Username of Couchbase server (default to `admin`).
-- `CN_COUCHBASE_CERT_FILE`: Couchbase root certificate location (default to `/etc/certs/couchbase.crt`).
-- `CN_COUCHBASE_PASSWORD_FILE`: Path to file contains Couchbase password (default to `/etc/jans/conf/couchbase_password`).
-- `CN_COUCHBASE_CONN_TIMEOUT`: Connect timeout used when a bucket is opened (default to `10000` milliseconds).
-- `CN_COUCHBASE_CONN_MAX_WAIT`: Maximum time to wait before retrying connection (default to `20000` milliseconds).
-- `CN_COUCHBASE_SCAN_CONSISTENCY`: Default scan consistency; one of `not_bounded`, `request_plus`, or `statement_plus` (default to `not_bounded`).
-- `CN_COUCHBASE_BUCKET_PREFIX`: Prefix for Couchbase buckets (default to `jans`).
-- `CN_COUCHBASE_TRUSTSTORE_ENABLE`: Enable truststore for encrypted Couchbase connection (default to `true`).
-- `CN_COUCHBASE_KEEPALIVE_INTERVAL`: Keep-alive interval for Couchbase connection (default to `30000` milliseconds).
-- `CN_COUCHBASE_KEEPALIVE_TIMEOUT`: Keep-alive timeout for Couchbase connection (default to `2500` milliseconds).
 - `CN_SQL_DB_DIALECT`: Dialect name of SQL backend (one of `mysql`, `pgsql`; default to `mysql`).
 - `CN_SQL_DB_HOST`: Host of SQL backend (default to `localhost`).
 - `CN_SQL_DB_PORT`: Port of SQL backend (default to `3306`).
@@ -95,12 +84,12 @@ Hybrid persistence supports all available persistence types. To configure hybrid
 
     ```
     {
-        "default": "<couchbase|sql>",
-        "user": "<couchbase|sql>",
-        "site": "<couchbase|sql>",
-        "cache": "<couchbase|sql>",
-        "token": "<couchbase|sql>",
-        "session": "<couchbase|sql>",
+        "default": "<sql>",
+        "user": "<sql>",
+        "site": "<sql>",
+        "cache": "<sql>",
+        "token": "<sql>",
+        "session": "<sql>",
     }
     ```
 
@@ -112,7 +101,7 @@ Hybrid persistence supports all available persistence types. To configure hybrid
         "user": "sql",
         "site": "sql",
         "cache": "sql",
-        "token": "couchbase",
+        "token": "sql",
         "session": "sql",
     }
     ```

docker-admin-ui/scripts/bootstrap.py

@@ -6,9 +6,6 @@
 
 from jans.pycloudlib import get_manager
 from jans.pycloudlib import wait_for_persistence
-from jans.pycloudlib.persistence.couchbase import CouchbaseClient
-from jans.pycloudlib.persistence.couchbase import id_from_dn
-from jans.pycloudlib.persistence.couchbase import sync_couchbase_password
 from jans.pycloudlib.persistence.sql import doc_id_from_dn
 from jans.pycloudlib.persistence.sql import SqlClient
 from jans.pycloudlib.persistence.sql import sync_sql_password
@@ -28,9 +25,6 @@ def main():
     mapper = PersistenceMapper()
     persistence_groups = mapper.groups().keys()
 
-    if "couchbase" in persistence_groups:
-        sync_couchbase_password(manager)
-
     if "sql" in persistence_groups:
         sync_sql_password(manager)
 
@@ -59,7 +53,6 @@ def __init__(self, manager):
         self.manager = manager
 
         client_classes = {
-            "couchbase": CouchbaseClient,
             "sql": SqlClient,
         }
 
@@ -167,44 +160,22 @@ def save_config(self):
         with open("/app/templates/admin-ui/auiConfiguration.json") as f:
             conf_from_file = f.read() % self.ctx
 
-        dn = "ou=admin-ui,ou=configuration,o=jans"
-
-        if self.persistence_type == "sql":
-            dn = doc_id_from_dn(dn)
-            table_name = "jansAppConf"
-
-            entry = self.client.get(table_name, dn)
-            conf = entry.get("jansConfApp") or "{}"
-
-            should_update, merged_conf = resolve_conf_app(
-                json.loads(conf),
-                json.loads(conf_from_file),
-            )
+        dn = doc_id_from_dn("ou=admin-ui,ou=configuration,o=jans")
+        table_name = "jansAppConf"
 
-            if should_update:
-                logger.info("Updating admin-ui config app")
-                entry["jansConfApp"] = json.dumps(merged_conf)
-                entry["jansRevision"] = entry.get("jansRevision", 0) + 1
-                self.client.update(table_name, dn, entry)
+        entry = self.client.get(table_name, dn)
+        conf = entry.get("jansConfApp") or "{}"
 
-        elif self.persistence_type == "couchbase":
-            bucket = os.environ.get("CN_COUCHBASE_BUCKET_PREFIX", "jans")
-            dn = id_from_dn(dn)
-
-            req = self.client.exec_query(f"SELECT META().id, {bucket}.* FROM {bucket} USE KEYS '{dn}'")  # nosec: B608
-            entry = req.json()["results"][0]
-
-            conf = entry.get("jansConfApp") or {}
-
-            should_update, merged_conf = resolve_conf_app(
-                conf,
-                json.loads(conf_from_file),
-            )
+        should_update, merged_conf = resolve_conf_app(
+            json.loads(conf),
+            json.loads(conf_from_file),
+        )
 
-            if should_update:
-                logger.info("Updating admin-ui config app")
-                rev = entry["jansRevision"] + 1
-                self.client.exec_query(f"UPDATE {bucket} USE KEYS '{dn}' SET jansConfApp={json.dumps(merged_conf)}, jansRevision={rev}")  # nosec: B608
+        if should_update:
+            logger.info("Updating admin-ui config app")
+            entry["jansConfApp"] = json.dumps(merged_conf)
+            entry["jansRevision"] = entry.get("jansRevision", 0) + 1
+            self.client.update(table_name, dn, entry)
 
 
 def resolve_conf_app(old_conf, new_conf):

docker-admin-ui/scripts/upgrade.py

@@ -4,7 +4,6 @@
 from collections import namedtuple
 
 from jans.pycloudlib import get_manager
-from jans.pycloudlib.persistence import CouchbaseClient
 from jans.pycloudlib.persistence import SqlClient
 from jans.pycloudlib.persistence import PersistenceMapper
 from jans.pycloudlib.persistence import doc_id_from_dn
@@ -39,59 +38,8 @@ def modify_entry(self, key, attrs=None, **kwargs):
         return self.client.update(table_name, key, attrs), ""
 
 
-class CouchbaseBackend:
-    def __init__(self, manager):
-        self.manager = manager
-        self.client = CouchbaseClient(manager)
-        self.type = "couchbase"
-
-    def get_entry(self, key, filter_="", attrs=None, **kwargs):
-        bucket = kwargs.get("bucket")
-        req = self.client.exec_query(
-            f"SELECT META().id, {bucket}.* FROM {bucket} USE KEYS '{key}'"  # nosec: B608
-        )
-        if not req.ok:
-            return None
-
-        try:
-            _attrs = req.json()["results"][0]
-            id_ = _attrs.pop("id")
-            entry = Entry(id_, _attrs)
-        except IndexError:
-            entry = None
-        return entry
-
-    def modify_entry(self, key, attrs=None, **kwargs):
-        bucket = kwargs.get("bucket")
-        del_flag = kwargs.get("delete_attr", False)
-        attrs = attrs or {}
-
-        if del_flag:
-            kv = ",".join(attrs.keys())
-            mod_kv = f"UNSET {kv}"
-        else:
-            kv = ",".join([
-                "{}={}".format(k, json.dumps(v))
-                for k, v in attrs.items()
-            ])
-            mod_kv = f"SET {kv}"
-
-        query = f"UPDATE {bucket} USE KEYS '{key}' {mod_kv}"
-        req = self.client.exec_query(query)
-
-        if req.ok:
-            resp = req.json()
-            status = bool(resp["status"] == "success")
-            message = resp["status"]
-        else:
-            status = False
-            message = req.text or req.reason
-        return status, message
-
-
 BACKEND_CLASSES = {
     "sql": SQLBackend,
-    "couchbase": CouchbaseBackend,
 }
 
 
@@ -110,16 +58,9 @@ def invoke(self):
         self.update_backend_client()
 
     def update_web_client(self):
-        kwargs = {}
+        kwargs = {"table_name": "jansClnt"}
         client_id = self.manager.config.get("admin_ui_client_id")
-        id_ = f"inum={client_id},ou=clients,o=jans"
-
-        if self.backend.type == "sql":
-            kwargs = {"table_name": "jansClnt"}
-            id_ = doc_id_from_dn(id_)
-        elif self.backend.type == "couchbase":
-            kwargs = {"bucket": os.environ.get("CN_COUCHBASE_BUCKET_PREFIX", "jans")}
-            id_ = id_from_dn(id_)
+        id_ = doc_id_from_dn(f"inum={client_id},ou=clients,o=jans")
 
         entry = self.backend.get_entry(id_, **kwargs)
 
@@ -188,16 +129,9 @@ def update_web_client(self):
             self.backend.modify_entry(entry.id, entry.attrs, **kwargs)
 
     def update_backend_client(self):
-        kwargs = {}
+        kwargs = {"table_name": "jansClnt"}
         client_id = self.manager.config.get("token_server_admin_ui_client_id")
-        id_ = f"inum={client_id},ou=clients,o=jans"
-
-        if self.backend.type == "sql":
-            kwargs = {"table_name": "jansClnt"}
-            id_ = doc_id_from_dn(id_)
-        elif self.backend.type == "couchbase":
-            kwargs = {"bucket": os.environ.get("CN_COUCHBASE_BUCKET_PREFIX", "jans")}
-            id_ = id_from_dn(id_)
+        id_ = doc_id_from_dn(f"inum={client_id},ou=clients,o=jans")
 
         entry = self.backend.get_entry(id_, **kwargs)
 

docker-flex-all-in-one/Dockerfile

@@ -66,7 +66,7 @@ RUN ln -sf /app/flex_aio/admin_ui/entrypoint.sh /app/bin/admin-ui-entrypoint.sh
 # Assets sync
 # ===========
 
-ENV JANS_SOURCE_VERSION=6e00e723a99d700a4f82713b0c25b2d6e3ef5775
+ENV JANS_SOURCE_VERSION=871c36da8a2550ee2febd7c0d72c521898b226c3
 
 # note that as we're pulling from a monorepo (with multiple project in it)
 # we are using partial-clone and sparse-checkout to get the assets
@@ -141,8 +141,6 @@ ENV JETTY_BASE=/opt/jans/jetty \
     CN_LINK_JAVA_OPTIONS="" \
     CN_SHARE_AUTH_CONF=false \
     CN_SQL_PASSWORD_FILE=/etc/jans/conf/sql_password \
-    CN_COUCHBASE_PASSWORD_FILE=/etc/jans/conf/couchbase_password \
-    CN_COUCHBASE_SUPERUSER_PASSWORD_FILE=/etc/jans/conf/couchbase_superuser_password \
     CN_KEYCLOAK_LINK_JETTY_HOST=127.0.0.1 \
     CN_KEYCLOAK_LINK_JETTY_PORT=9092 \
     CN_KEYCLOAK_LINK_JAVA_OPTIONS="" \