kevin/baron-sso
1
0
Fork 0
forked from baron/baron-sso
Code Pull Requests Activity

Merge pull request 'fix: use non-distroless image for init-rp to allow shell execution' (#397) from fix/login into dev

Browse Source 
Reviewed-on: baron/baron-sso#397
This commit is contained in:
조찬영
2026-03-19 09:24:50 +09:00
parent 9cee09c140 ff37ad918a
commit d95fec4651
1 changed files with 11 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
docker/staging_pull_compose.template.yaml
View File

@@ -263,13 +263,18 @@ services:
- ory-net - ory-net
init-rp: init-rp:
image: oryd/hydra:${HYDRA_VERSION:-v25.4.0} image: alpine:latest
env_file: env_file:
- .env - .env
entrypoint: ["/bin/sh"]
command: command:
- /bin/sh
- -ec - -ec
- | - |
apk add --no-cache curl tar
curl -sLo /tmp/hydra.tar.gz https://github.com/ory/hydra/releases/download/v25.4.0/hydra_25.4.0-linux_64bit.tar.gz
tar -xzf /tmp/hydra.tar.gz -C /usr/local/bin hydra
rm /tmp/hydra.tar.gz
hydra delete oauth2-client --endpoint http://hydra:4445 adminfront >/dev/null 2>&1 || true hydra delete oauth2-client --endpoint http://hydra:4445 adminfront >/dev/null 2>&1 || true
hydra delete oauth2-client --endpoint http://hydra:4445 devfront >/dev/null 2>&1 || true hydra delete oauth2-client --endpoint http://hydra:4445 devfront >/dev/null 2>&1 || true
hydra delete oauth2-client --endpoint http://hydra:4445 $${OATHKEEPER_INTROSPECT_CLIENT_ID:-oathkeeper-introspect} >/dev/null 2>&1 || true hydra delete oauth2-client --endpoint http://hydra:4445 $${OATHKEEPER_INTROSPECT_CLIENT_ID:-oathkeeper-introspect} >/dev/null 2>&1 || true
@@ -281,7 +286,7 @@ services:
--response-type code \ --response-type code \
--scope openid,offline_access,profile,email \ --scope openid,offline_access,profile,email \
--token-endpoint-auth-method none \ --token-endpoint-auth-method none \
--redirect-uri $${ADMINFRONT_CALLBACK_URLS:-http://localhost:5173/auth/callback} --redirect-uri "$${ADMINFRONT_CALLBACK_URLS:-http://localhost:5173/auth/callback}"
hydra create oauth2-client \ hydra create oauth2-client \
--endpoint http://hydra:4445 \ --endpoint http://hydra:4445 \
@@ -290,12 +295,12 @@ services:
--response-type code \ --response-type code \
--scope openid,offline_access,profile,email \ --scope openid,offline_access,profile,email \
--token-endpoint-auth-method none \ --token-endpoint-auth-method none \
--redirect-uri $${DEVFRONT_CALLBACK_URLS:-http://localhost:5174/auth/callback} --redirect-uri "$${DEVFRONT_CALLBACK_URLS:-http://localhost:5174/auth/callback}"
hydra create oauth2-client \ hydra create oauth2-client \
--endpoint http://hydra:4445 \ --endpoint http://hydra:4445 \
--id $${OATHKEEPER_INTROSPECT_CLIENT_ID:-oathkeeper-introspect} \ --id "$${OATHKEEPER_INTROSPECT_CLIENT_ID:-oathkeeper-introspect}" \
--secret $${OATHKEEPER_INTROSPECT_CLIENT_SECRET:-oathkeeper-secret} \ --secret "$${OATHKEEPER_INTROSPECT_CLIENT_SECRET:-oathkeeper-secret}" \
--grant-type client_credentials \ --grant-type client_credentials \
--response-type token \ --response-type token \
--scope openid,offline_access,profile,email --scope openid,offline_access,profile,email