Skip to content

Commit

Permalink
Merge pull request #567 from permitio/maya/per-9378-upgrade-opal-docu…
Browse files Browse the repository at this point in the history
…sarus-to-one-without-vulnerabilities

Upgrade OPAL Docusarus to one without vulnerabilities
  • Loading branch information
maya-barak authored Apr 15, 2024
2 parents cd2fa17 + c0c60cb commit a45c2ea
Show file tree
Hide file tree
Showing 6 changed files with 7,985 additions and 15,055 deletions.
2 changes: 1 addition & 1 deletion documentation/docs/getting-started/configuration.mdx
Original file line number Diff line number Diff line change
Expand Up @@ -130,7 +130,7 @@ Please use this table as a reference.
| POLICY_STORE_CONN_RETRY | Retry options when connecting to the policy store (i.e. the agent that handles the policy, e.g. OPA). | |
| POLICY_STORE_POLICY_PATHS_TO_IGNORE | Which policy paths pushed to the client should be ignored. List of glob style paths, or paths without wildcards but ending with "/\*\*" indicating a parent path (ignoring all under it). | |
| INLINE_OPA_ENABLED | Whether or not OPAL should run OPA by itself in the same container. | |
| INLINE_OPA_CONFIG | If inline OPA is indeed enabled, the user can set the [server configuration options](https://docs.opal.ac/getting-started/running-opal/run-opal-client/opa-runner-parameters) that affects how OPA will start when running `opa run --server` inline. Watch escaping quotes. | {"config_file":"/mnt/opa/config"} |
INLINE_OPA_CONFIG | If inline OPA is indeed enabled, the user can set the [server configuration options](https://docs.opal.ac/getting-started/running-opal/run-opal-client/opa-runner-parameters) that affects how OPA will start when running `opa run --server` inline. Watch escaping quotes. | \{"config_file":"/mnt/opa/config"\}
| INLINE_OPA_LOG_FORMAT | | |
| KEEP_ALIVE_INTERVAL | | |
| OFFLINE_MODE_ENABLED | If set, opal client will try to load policy store from backup file and operate even if server is unreachable. Ignored if INLINE_OPA_ENABLED=False | |
Expand Down
4 changes: 2 additions & 2 deletions documentation/docs/overview/architecture.mdx
Original file line number Diff line number Diff line change
Expand Up @@ -83,8 +83,8 @@ OPAL consists of two key components that work together:

## OPAL's architecture potentially uses two Pub/Sub channels-

Client <> Server - lightweight websocket Pub/Sub
Server <> Server - backbone Pub/Sub
Client \<> Server - lightweight websocket Pub/Sub
Server \<> Server - backbone Pub/Sub

While the lightweight channel requires no additional infrastructure, and can suffice for the can we are running only a single OPAL-server. If we wish to scale-out OPAL-servers, we achieve this using a backbone Pub/Sub (such as Redis, Kafka, or Postgres Listen/Notify) to sync all the servers (So a client connecting to one server, receive notifications of updates that are triggered by another server)
The backbone Pub/Sub is connected to the lightweight Pub/SUb through the [Broadcaster](https://pypi.org/project/broadcaster/) module.
Expand Down
6 changes: 3 additions & 3 deletions documentation/docs/overview/scopes.md
Original file line number Diff line number Diff line change
Expand Up @@ -35,7 +35,7 @@ other setting.
The authorization used in this example are GitHub Personal Access Tokens that
can be [generated here](https://github.com/settings/tokens).

```shell
```bash
curl --request PUT 'http://opal_server/scopes'
--header 'Content-Type: application/json'
--header 'Authorization: $OPAL_TOKEN'
Expand Down Expand Up @@ -65,7 +65,7 @@ curl --request PUT 'http://opal_server/scopes'
}'
```

```shell
```bash
curl --request PUT 'http://opal_server/scopes'
--header 'Content-Type: application/json'
--header 'Authorization: $OPAL_TOKEN'
Expand Down Expand Up @@ -97,7 +97,7 @@ curl --request PUT 'http://opal_server/scopes'

### Launch OPAL Client with a scope

```shell
```bash
docker run -it \
--env OPAL_CLIENT_TOKEN \
--env OPAL_SERVER_URL \
Expand Down
9 changes: 4 additions & 5 deletions documentation/docusaurus.config.js
Original file line number Diff line number Diff line change
@@ -1,8 +1,6 @@
// @ts-check
// Note: type annotations allow type checking and IDEs autocompletion

const lightCodeTheme = require("./src/css/prism-theme");
const darkCodeTheme = require("prism-react-renderer/themes/dracula");

/** @type {import('@docusaurus/types').Config} */
const config = {
Expand Down Expand Up @@ -37,7 +35,8 @@ const config = {
},
blog: false, // disabled docusaurus default blog
theme: {
customCss: require.resolve("./src/css/custom.scss"),
customCss:[ require.resolve("./src/css/custom.scss")
]
},
}),
],
Expand Down Expand Up @@ -73,8 +72,8 @@ const config = {
copyright: `Copyright © ${new Date().getFullYear()} Permit, Inc.`,
},
prism: {
theme: require("prism-react-renderer/themes/nightOwl"),
// darkTheme: require("prism-react-renderer/themes/nightOwlLight"),
theme: require('prism-react-renderer').themes.nightOwl,
additionalLanguages: ['bash']
},
announcementBar: {
id: "support_us",
Expand Down
Loading

0 comments on commit a45c2ea

Please sign in to comment.