diff --git a/minimal-setup/basic-auth/docker-compose.yml b/minimal-setup/basic-auth/docker-compose.yml index 24ae336..bf0641c 100644 --- a/minimal-setup/basic-auth/docker-compose.yml +++ b/minimal-setup/basic-auth/docker-compose.yml @@ -6,7 +6,7 @@ version: "3" services: nginx: - image: orthancteam/orthanc-nginx:24.6.1 + image: orthancteam/orthanc-nginx:24.7.1 depends_on: [orthanc, orthanc-auth-service, orthanc-for-shares] restart: unless-stopped ports: ["80:80"] @@ -23,7 +23,7 @@ services: ENABLE_OHIF: "true" orthanc: - image: orthancteam/orthanc:24.6.2 + image: orthancteam/orthanc:24.7.1 volumes: - orthanc-storage:/var/lib/orthanc/db depends_on: [orthanc-db] @@ -64,7 +64,7 @@ services: } orthanc-for-shares: - image: orthancteam/orthanc:24.6.2 + image: orthancteam/orthanc:24.7.1 volumes: - orthanc-storage:/var/lib/orthanc/db depends_on: [orthanc-db] @@ -107,7 +107,7 @@ services: } orthanc-auth-service: - image: orthancteam/orthanc-auth-service:24.6.1 + image: orthancteam/orthanc-auth-service:24.7.1 restart: unless-stopped environment: SECRET_KEY: "change-me-I-am-a-secret-key" @@ -121,7 +121,7 @@ services: } ohif: - image: orthancteam/ohif-v3:24.6.1 + image: orthancteam/ohif-v3:24.7.1 # uncomment if you want to customize ohif configuration # volumes: # - ./ohif-app-config.js:/usr/share/nginx/html/app-config.js diff --git a/minimal-setup/keycloak-meddream-full/docker-compose.yml b/minimal-setup/keycloak-meddream-full/docker-compose.yml index 966136d..a9422fe 100644 --- a/minimal-setup/keycloak-meddream-full/docker-compose.yml +++ b/minimal-setup/keycloak-meddream-full/docker-compose.yml @@ -6,7 +6,7 @@ version: "3" services: nginx: - image: orthancteam/orthanc-nginx:24.6.1 + image: orthancteam/orthanc-nginx:24.7.1 depends_on: [orthanc, orthanc-auth-service, orthanc-for-api, meddream-viewer, keycloak] restart: unless-stopped ports: ["80:80"] @@ -24,7 +24,7 @@ services: ENABLE_ORTHANC_FOR_API: "true" orthanc: - image: orthancteam/orthanc:24.6.2 + image: orthancteam/orthanc:24.7.1 volumes: - orthanc-storage:/var/lib/orthanc/db depends_on: [orthanc-db] @@ -76,7 +76,7 @@ services: } orthanc-auth-service: - image: orthancteam/orthanc-auth-service:24.6.1 + image: orthancteam/orthanc-auth-service:24.7.1 depends_on: [keycloak, meddream-token-service] # permissions can be customized in the permissions.json file volumes: @@ -85,6 +85,8 @@ services: environment: SECRET_KEY: "change-me-I-am-a-secret-key" ENABLE_KEYCLOAK: "true" +# # to enable the permissions edition UI in OE2, you need to provide a KEYCLOAK_CLIENT_SECRET +# KEYCLOAK_CLIENT_SECRET: "change-me-I-am-a-secret-you-get-in-keycloak-admin-ui" PUBLIC_ORTHANC_ROOT: "http://localhost/orthanc/" PUBLIC_LANDING_ROOT: "http://localhost/orthanc/ui/app/token-landing.html" USERS: | @@ -102,7 +104,7 @@ services: POSTGRES_HOST_AUTH_METHOD: "trust" keycloak: - image: orthancteam/orthanc-keycloak:24.6.1 + image: orthancteam/orthanc-keycloak:24.7.1 depends_on: [keycloak-db] restart: unless-stopped environment: @@ -125,11 +127,11 @@ services: POSTGRES_DB: "keycloak" meddream-token-service: - image: orthancteam/meddream-token-service:24.6.1 + image: orthancteam/meddream-token-service:24.7.1 restart: unless-stopped meddream-viewer: - image: orthancteam/meddream-viewer:24.6.1 + image: orthancteam/meddream-viewer:24.7.1 restart: unless-stopped depends_on: - orthanc-for-api @@ -151,7 +153,7 @@ services: # An orthanc dedicated for API accesses and also used by MedDream orthanc-for-api: - image: orthancteam/orthanc:24.6.2 + image: orthancteam/orthanc:24.7.1 volumes: - orthanc-storage:/var/lib/orthanc/db - ./meddream-plugin.py:/scripts/meddream-plugin.py diff --git a/minimal-setup/keycloak/docker-compose.yml b/minimal-setup/keycloak/docker-compose.yml index 5f2cf0c..1741383 100644 --- a/minimal-setup/keycloak/docker-compose.yml +++ b/minimal-setup/keycloak/docker-compose.yml @@ -6,7 +6,7 @@ version: "3" services: nginx: - image: orthancteam/orthanc-nginx:24.6.1 + image: orthancteam/orthanc-nginx:24.7.1 depends_on: [orthanc, orthanc-auth-service, keycloak] restart: unless-stopped ports: ["80:80"] @@ -24,8 +24,7 @@ services: ENABLE_OHIF: "true" orthanc: -# to use OHIF-plugin: use the master-unstable image - image: orthancteam/orthanc-pre-release:master-unstable + image: orthancteam/orthanc:24.7.1 volumes: - orthanc-storage:/var/lib/orthanc/db depends_on: [orthanc-db] @@ -91,7 +90,7 @@ services: } orthanc-auth-service: - image: orthancteam/orthanc-auth-service:24.6.1 + image: orthancteam/orthanc-auth-service:24.7.1 # always disable port mapping in production !!! # ports: ["8000:8000"] # permissions can be customized in the permissions.json file @@ -103,7 +102,9 @@ services: SECRET_KEY: "change-me-I-am-a-secret-key" ENABLE_KEYCLOAK: "true" # ENABLE_KEYCLOAK_API_KEYS: "true" +# # to enable the permissions edition UI in OE2, you need to provide a KEYCLOAK_CLIENT_SECRET # KEYCLOAK_CLIENT_SECRET: "change-me-I-am-a-secret-you-get-in-keycloak-admin-ui" + KEYCLOAK_CLIENT_SECRET: "TxOYLTicpl1iZIO0XgWzSE0jzmA40mb5" PUBLIC_ORTHANC_ROOT: "http://localhost/orthanc/" PUBLIC_LANDING_ROOT: "http://localhost/orthanc/ui/app/token-landing.html" # to use OHIF-plugin: make sure to use http://localhost/orthanc/ohif/ @@ -123,7 +124,7 @@ services: # to use OHIF-plugin: you don't need this container ohif: - image: orthancteam/ohif-v3:24.6.1 + image: orthancteam/ohif-v3:24.7.1 # uncomment if you want to customize ohif configuration # volumes: # - ./ohif-app-config.js:/usr/share/nginx/html/app-config.js @@ -131,7 +132,7 @@ services: keycloak: - image: orthancteam/orthanc-keycloak:24.6.1 + image: orthancteam/orthanc-keycloak:24.7.1 depends_on: [keycloak-db] restart: unless-stopped # healthcheck: diff --git a/release-notes.md b/release-notes.md index df879f5..625bd37 100644 --- a/release-notes.md +++ b/release-notes.md @@ -4,7 +4,9 @@ SPDX-FileCopyrightText: 2022 - 2024 Orthanc Team SRL SPDX-License-Identifier: GPL-3.0-or-later --> -v 24.6.1 +- fix: read KEYCLOAK_CLIENT_SECRET from secrets or environment variable + +v 24.7.1 ======== - when requesting a user-profile with e.g. a basic auth token, the auth-service now diff --git a/sources/ohif/Dockerfile.ohif-v3 b/sources/ohif/Dockerfile.ohif-v3 index 8aa5efc..acbbdb6 100644 --- a/sources/ohif/Dockerfile.ohif-v3 +++ b/sources/ohif/Dockerfile.ohif-v3 @@ -9,7 +9,7 @@ FROM node:18.16.1-slim as builder RUN apt-get update && apt-get install -y git WORKDIR /sources -RUN git clone https://github.com/OHIF/Viewers.git && cd /sources/Viewers && git checkout v3.9.0-beta.50 +RUN git clone https://github.com/OHIF/Viewers.git && cd /sources/Viewers && git checkout v3.9.0-beta.56 WORKDIR /sources/Viewers diff --git a/sources/orthanc_auth_service/app.py b/sources/orthanc_auth_service/app.py index f1b273c..5c58b31 100644 --- a/sources/orthanc_auth_service/app.py +++ b/sources/orthanc_auth_service/app.py @@ -17,7 +17,7 @@ from shares.keycloak import create_keycloak_from_secrets from shares.roles_configuration import RolesConfiguration from shares.keycloak_admin import KeycloakAdmin -from shares.utils.utils import get_secret_or_die +from shares.utils.utils import get_secret_or_die, is_secret_defined logging.basicConfig(level=logging.DEBUG) @@ -46,7 +46,7 @@ logging.warning("ENABLE_KEYCLOAK_API_KEYS is set, using keycloak to handle api-keys") needKeycloakAdmin = True - if needKeycloakAdmin or os.environ.get("KEYCLOAK_CLIENT_SECRET") is not None: + if needKeycloakAdmin or is_secret_defined("KEYCLOAK_CLIENT_SECRET") is not None: keycloak_client_secret = get_secret_or_die("KEYCLOAK_CLIENT_SECRET") keycloak_admin_uri = os.environ.get("KECLOAK_ADMIN_URI", "http://keycloak:8080/admin/realms/orthanc/") keycloak_admin_client = KeycloakAdmin(keycloak_uri=keycloak_uri,