{"id":20263616,"url":"https://github.com/springerpe/oauth2-proxy-boshrelease","last_synced_at":"2026-05-11T15:39:53.080Z","repository":{"id":80987380,"uuid":"149758826","full_name":"SpringerPE/oauth2-proxy-boshrelease","owner":"SpringerPE","description":"Bosh release to perform SSO Auth ","archived":false,"fork":false,"pushed_at":"2018-09-21T12:51:19.000Z","size":64,"stargazers_count":1,"open_issues_count":0,"forks_count":2,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-03-03T19:59:35.897Z","etag":null,"topics":["bosh","bosh-release","nginx","nginx-lua","nginx-proxy","oauth2","sso","sso-authentication"],"latest_commit_sha":null,"homepage":null,"language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/SpringerPE.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2018-09-21T12:15:11.000Z","updated_at":"2018-10-15T18:12:15.000Z","dependencies_parsed_at":null,"dependency_job_id":"6d71843b-1360-4fd3-a78b-ac16e243c1fc","html_url":"https://github.com/SpringerPE/oauth2-proxy-boshrelease","commit_stats":null,"previous_names":[],"tags_count":2,"template":false,"template_full_name":null,"purl":"pkg:github/SpringerPE/oauth2-proxy-boshrelease","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SpringerPE%2Foauth2-proxy-boshrelease","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SpringerPE%2Foauth2-proxy-boshrelease/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SpringerPE%2Foauth2-proxy-boshrelease/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SpringerPE%2Foauth2-proxy-boshrelease/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/SpringerPE","download_url":"https://codeload.github.com/SpringerPE/oauth2-proxy-boshrelease/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SpringerPE%2Foauth2-proxy-boshrelease/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":32902243,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-10T13:40:02.631Z","status":"online","status_checked_at":"2026-05-11T02:00:05.975Z","response_time":120,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["bosh","bosh-release","nginx","nginx-lua","nginx-proxy","oauth2","sso","sso-authentication"],"created_at":"2024-11-14T11:35:43.594Z","updated_at":"2026-05-11T15:39:53.061Z","avatar_url":"https://github.com/SpringerPE.png","language":"Shell","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Oauth2-proxy Bosh Release\n\nThis is a release based in https://github.com/bitly/oauth2_proxy\noffering a reverse proxy that provides SSO authentication layer with Google,\nGithub or other provider. Nginx is doing HTTP Basic Auth once SSO authentication\nis done againts Github, Google, etc. \n\nThis release also ships with Nginx and Lua support allowing you to define\ncustom rules and lua programs to define complex rules againts APIs and backend.\n\nInitially was created to provide an authentication layer with Google for Kibana.\n\n\n# Developing\n\nFirst of all, when do a git commit, try to use good commit messages; the release\nchanges on each release will be taken from the commit messages!\n\nWhen you make changes in the packages (or add new ones), please use\n`./update-blobs.sh` to sync and upload the new blobs. This script reads the `spec` file \nof every package or looks for a `prepare` script (inside the folder of each package):\n\n* If there is a `packages/\u003cpackage\u003e/prepare`, it executes it and goes to the next package.\n* If the spec file of a package in `packages/\u003cpackage\u003e/spec` has a key `files` with this\nformat `- folder/src.tgz   # url`, for example:\n```\nfiles:\n- ruby-2.3/ruby-2.3.7.tar.gz      # https://cache.ruby-lang.org/pub/ruby/2.3/ruby-2.3.7.tar.gz\n- ruby-2.3/rubygems-2.7.7.tgz     # https://rubygems.org/rubygems/rubygems-2.7.7.tgz\n```\nIt will take the url, download the file to `blobs/ruby-2.3/ruby-2.3.7.tar.gz` and\nit will run `bosh add-blob` with the new src \"ruby-2.3.7.tar.gz\". Take into\naccount the script does not download a package if there is a file with the same\nname in the destination folder, so it the package was not properly downloaded\n(e.g. script execution interrupted), please delete the destination folder and try\nagain.\n\nThe idea is make it easy to update the version of the packages. Making a `packaging`\nscript flexible, not linked to version, updating a package is just a matter of \nupdating its `spec` file and run `./update-blobs.sh` and you have a new version\nready!. Extract of a ruby `packaging` script (just and example):\n```\n# Grab the latest versions that are in the directory\nRUBY_VERSION=`ls -r ruby-2.3/ruby-* | sed 's/ruby-2.3\\/ruby-\\(.*\\)\\.tar\\.gz/\\1/' | head -1`\nRUBYGEMS_VERSION=`ls -r ruby-2.3/rubygems-* | sed 's/ruby-2.3\\/rubygems-\\(.*\\)\\.tgz/\\1/' | head -1`\n\necho \"Extracting ruby-${RUBY_VERSION} ...\"\ntar xvf ruby-2.3/ruby-${RUBY_VERSION}.tar.gz\n\necho \"Building ruby-${RUBY_VERSION} ...\"\npushd ruby-${RUBY_VERSION}\n  LDFLAGS=\"-Wl,-rpath -Wl,${BOSH_INSTALL_TARGET}\" ./configure --prefix=${BOSH_INSTALL_TARGET} --disable-install-doc --with-opt-dir=${BOSH_INSTALL_TARGET}\n  make\n  make install\npopd\n```\n\nThe script does not process any args and it is safe to run as many times as you need\n(take into account if you create `prepare` scrips!).\n\n\n## Creating Dev releases (for testing)\n\nTo create a dev release -for testing purposes-, just run:\n\n```\n# Update or sync blobs\n./update-blobs.sh\n# Create a dev release\nbosh  create-release --force --tarball=/tmp/release.tgz\n# Upload release to bosh director\nbosh -e \u003cbosh-env\u003e upload-release /tmp/release.tgz\n```\n\nThen you can modify your manifest to include `latest` as a version (no `url` and `sha` \nfields are needed when the release is manually uploaded): \n\n```\nreleases:\n  [...]\n- name: cf-logging\n  version: latest\n```\n\nOnce you know that the dev version is working, you can generate and publish a final\nversion of the release (see  below), and remember to change the deployment manifest\nto use a url of the new final manifest like this:\n\n```\nreleases:\n  [...]\n- name: oauth2-proxy\n  url: https://github.com/SpringerPE/oauth2-proxy-boshrelease/releases/download/v1/oauth2-proxy-1.tgz\n  version: 1\n  sha1: 12c34892f5bc99491c310c8867b508f1bc12629c\n```\n\nor much better, use an operations file ;-)\n\n\n\n## Creating a new final release and publishing to GitHub releases:\n\nRun: `./create-final-public-release.sh [version-number]`\n\nKeep in mind you will need a Github token defined in a environment variable `GITHUB_TOKEN`.\nPlease get your token here: https://help.github.com/articles/creating-an-access-token-for-command-line-use/\nand run `export GITHUB_TOKEN=\"xxxxxxxxxxxxxxxxx\"`, after that you can use the script.\n\n`version-number` is optional. If not provided it will create a new major version\n(as integer), otherwise you can specify versions like \"8.1\", \"8.1.2\". There is a\nregular expresion in the script to check if the format is correct. Bosh client\ndoes not allow you to create 2 releases with the same version number. If for some\nreason you need to recreate a release version, delete the file created in \n`releases/oauth2-proxy-boshrelease` and update the index file in the same location,\nyou also need to remove the release (and tags) in Github.\n\n\n\n# Deploying with operations files:\n\n\nFor example to deploy the base manifest (`manifest` folder):\n \n\n```\nbosh -d logstash deploy oauth2-proxy.yml \\\n    -o operations/add-release-version.yml  --vars-file vars-release-version.yml \\\n    -o operations/add-iaas-parameters.yml  --vars-file vars-iaas-parameters.yml\n```\n\n\nBe aware you need to define this secrets in Credhub:\n\n```\n# oauth2_proxy\noauth2_proxy-client_id: xxxxxxxxxxxxxxxxxxxxxxxxxxx\noauth2_proxy-client_secret: xxxxxxxxxxxxxxxxxxxxxxxxxx\noauth2_proxy-cookie_secret: xxxxxxxxxxxxxxxxxxxxxx\noauth2_proxy-domains: [ hola.com, example.com ]\noauth2_proxy-url: \"http://kibana.example.com\"\noauth2_proxy-upstream: \"http://external-kibana.com:8080\"\n# \"bmdpbng6c2VjcmV0cGFzc3dvcmQ=\"is a base64 encoded string of my service account 's credentials \"nginx:secretpassword\"\noauth2_proxy-upstream-basic-auth: \"Basic bmdpbng6c2VjcmV0cGFzc3dvcmQ=\"\n```\n\n\n# Author\n\n\nSpringerNature Platform Engineering\n\nJosé Riguera López (jose.riguera@springer.com)\n\n\n# License\n\nApache 2.0 License\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fspringerpe%2Foauth2-proxy-boshrelease","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fspringerpe%2Foauth2-proxy-boshrelease","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fspringerpe%2Foauth2-proxy-boshrelease/lists"}