Containerized portal as it runs in prod, locally (#3745)

- creates a new make target to run the Portal app containerized - updates portal addresses to work with podman machine - adds docs
2024-08-21 09:21:45 -06:00 · 2024-08-21 09:21:45 -06:00 · 92a8bfcc15
--- a/28
+++ b/28
@ -82,6 +82,33 @@ docker-secrets: aks.kubeconfig
 	docker secret rm --ignore proxy.crt
 	docker secret create proxy.crt ./secrets/proxy.crt

+.PHONY: runlocal-portal
+runlocal-portal: ci-rp docker-secrets
+	podman run \
+		--name aro-portal \
+		--rm \
+		--cap-drop net_raw \
+		-e RP_MODE \
+		-e AZURE_SUBSCRIPTION_ID \
+		-e AZURE_TENANT_ID \
+		-e LOCATION \
+		-e RESOURCEGROUP \
+		-e AZURE_PORTAL_CLIENT_ID \
+		-e AZURE_PORTAL_ELEVATED_GROUP_IDS \
+		-e AZURE_PORTAL_ACCESS_GROUP_IDS \
+		-e AZURE_RP_CLIENT_SECRET \
+		-e AZURE_RP_CLIENT_ID \
+		-e KEYVAULT_PREFIX \
+		-e DATABASE_ACCOUNT_NAME \
+		-e DATABASE_NAME \
+		-e NO_NPM=1 \
+		--secret proxy-client.key,target=/app/secrets/proxy-client.key \
+		--secret proxy-client.crt,target=/app/secrets/proxy-client.crt \
+		--secret proxy.crt,target=/app/secrets/proxy.crt \
+		-p 127.0.0.1:8444:8444 \
+		-p 127.0.0.1:2222:2222 \
+		$(RP_IMAGE_LOCAL) portal
+
 # Target to run the local RP
 .PHONY: runlocal-rp
 runlocal-rp: ci-rp docker-secrets
@ -132,7 +159,6 @@ runlocal-rp: ci-rp docker-secrets
 		--secret proxy.crt,target=/app/secrets/proxy.crt \
 		$(RP_IMAGE_LOCAL) rp

-		
 .PHONY: az
 az: pyenv
 	. pyenv/bin/activate && \
--- a/cmd/aro/portal.go
+++ b/cmd/aro/portal.go
@ -152,12 +152,10 @@ func portal(ctx context.Context, log *logrus.Entry, audit *logrus.Entry) error {
 		hostname = "localhost:8444"
 	}

-	address := "localhost:8444"
-	sshAddress := "localhost:2222"
+	address := ":8444"
+	sshAddress := ":2222"
 	if !_env.IsLocalDevelopmentMode() {
 		hostname = os.Getenv("PORTAL_HOSTNAME")
-		address = ":8444"
-		sshAddress = ":2222"
 	}

 	l, err := net.Listen("tcp", address)
--- a/docs/admin-portal.md
+++ b/docs/admin-portal.md
@ -30,6 +30,13 @@ You will require Node.js and `npm`. These instructions were tested with the vers

 ## Running Admin Portal in development

+### Running Portal locally as it does in prod
+
+This build uses the `make ci-rp` target to compile the NPM, and serve it via the RP running in a containerized env (the same way we run in prod). It is the recommended method to do final testing (or, if you don't want the hassle of installing `npm` or other tools locally).
+
+1. Run `make runlocal-portal`
+1. Go to `https://localhost:8444` to view the admin portal running
+
 ### Running Portal Served from development RP

 1. Complete Steps mentioned above to build and compile portal.