The Compass Console is a web-based UI for managing resources within Compass.
The Console includes React and Angular libraries:
React common- common functionalities for React applicationsReact components- components for React applications (it will be replaced byShared components)Shared components- new versions of components for React applications written in TypeScriptGeneric documentation- a React component that uses@kyma-project/documentation-componentfor displaying documentation and various specifications.
-
Change your current directory to the
compass-console/compassdirectory. -
Run the following commands in your terminal:
npm install cd .. npm run bootstrap -- https://{OIDC-PROVIDER-DOMAIN} {OIDC-CLIENT-ID} cd compass npm start
NOTE: The
npm run bootstrapcommand does the following:- Installs root dependencies provided in the package.json file.
- Installs dependencies for the
React common,React components,Shared componentsandGeneric documentationlibraries. - Builds all the libraries.
- Installs dependencies for all the components.
- Creates the
.clusterConfig.genconfiguration file if it doesn't exist, pointing at thekyma.localdomain.
NOTE: To skip the OIDC configuration arguments
{OIDC-PROVIDER-DOMAIN}and{OIDC-CLIENT-ID}, you can use thenpm run bootstrap:compasscommand instead of thenpm run bootstrap -- https://{OIDC-PROVIDER-DOMAIN} {OIDC-CLIENT-ID}command. This way, the npm script tries to get the required values from the ~/.compass.yaml file. To carry out the command, you need the yq tool. The ~/compass.yaml file must have the following structure:idpHost: {URL_TO_OIDC_SERVER}
clientID: {OIDC_CLIENT_ID}
adminGroupNames: {OIDC_ADMIN_GROUPS}
Note that the Compass console works properly only when the configuration arguments are passed or the ~.compass.yaml file exists.
-
As a result, the Compass UI opens in a new tab of your browser. Alternatively, you can go to
http://localhost:8080.
By default, the Compass cluster URL, with which the Console communicates, is set to kyma.local. To change the address of the cluster, run:
./scripts/setClusterConfig.sh {CLUSTER_URL} https://{YOUR-OIDC-PROVIDER-DOMAIN} {YOUR-OIDC-CLIENT-ID}To simplify switching of clusters, hosted on the same domain, you can assign the domain to CLUSTER_HOST environment variable, and then, use any subdomain as a cluster name.
For example, if you want to easily switch between two clusters foo.abc.com and bar.abc.com, run the following commands:
export CLUSTER_HOST=abc.com
# If you use only one domain for your cluster, consider setting it permanently in your shell.
./scripts/setClusterConfig.sh foo
# After setting the CLUSTER_HOST variable this is equal to running ./scripts/.setClusterConfig foo.abc.com
./scripts/setClusterConfig.sh bar
# Switch to a different cluster on the same domainTo reset the domain to the default kyma.local setting, run:
./scripts/setClusterConfig.sh localTo get the credentials required to access the local instance of the Compass Console at http://compass-dev.kyma.local:8080, follow the instructions from this document.
If you want to display the changes in the React libraries simultaneously, run the following command in a new terminal window:
npm run watch:librariesYou can start developing as soon as you start the Compass Console locally. All modules have hot-reload enabled, and therefore, you can edit the code in real time and see the changes in your browser.
The Compass Console UI is available at http://localhost:8080 or http://compass-dev.kyma.local:8080.
When developing new features in Compass Console UI, adhere to the following rules. This will help you to mitigate any security-related threats.
- Do not store the authentication token as a cookie. Make sure the token is sent to the Console Backend Service as a bearer token.
- Make sure that state-changing operations (gql mutations) are only triggered upon explicit user interactions such as form submissions.
- Keep in mind that UI rendering in response to user navigating between views is only allowed to trigger read-only operations (gql queries and subscriptions) without any data mutations.
- It is recommended to use JS frameworks that have built-in XSS prevention mechanisms, such as reactJS, vue.js or angular.
- As a rule of thumb, you cannot perceive user input to be 100% safe. Get familiar with prevention mechanisms included in the framework of your choice. Make sure the user input is sanitized before it is embedded in the DOM tree.
- Get familiar with the most common XSS bypasses and potential dangers. Keep them in mind when writing or reviewing the code.
- Enable the
Content-security-policyheader for all new micro frontends to ensure in-depth XSS prevention. Do not allow forunsafe-evalpolicy.
For more information about how to run tests and configure them, go to the tests directory.
TIP: To solve most of the problems with the Console development, clear the browser cache or perform a complete refresh of the web page.
Remove the node_modules folder and the package-lock.json file in the compass directory and on the root. Then, rerun the npm run bootstrap command in the root context and push all changes.
To solve the problem, refer to the guidelines from this document.
To quickly check the availability of remote clusters, use the checkClusterAvailability.sh script.
./scripts/checkClusterAvailability.sh {CLUSTER_URL}
# or
export CLUSTER_HOST=abc.com
./scripts/checkClusterAvailability.sh {cluster_subdomain}
# the same as ./scripts/checkClusterAvailability.sh {CLUSTER_SUBDOMAIN}.abc.com
# or
./scripts/checkClusterAvailability.sh
# Checks the availability of every cluster that has ever been set through setClusterConfig.sh
# or checked with checkClusterAvailability.sh on your machine.
# or
./scripts/checkClusterAvailability.sh -s {cluster_domain}
# Returns an appropriate exit code if the cluster is unavailable.