This is an example Solo.io Gloo Platform Dev Portal frontend app, built with Vite, and configured to use React and Typescript. It can be used to view information about your APIs and usage plans, add or delete API keys, and view your OpenAPI schemas using an embedded Redoc UI or Swagger UI view. It also can be personalized with images and colors to match your branding and preferences.
For the full setup instructions, including the required Gloo Gateway Kubernetes resources, please check the solo.io docs site. The following steps assume that these resources are already applied.
-
Run the following to download and initialize the latest commit of this repository's main branch.
- This command uses tmplr for personalization of your developer portal. Currently, this just includes adding your company name, which shows up on the home page and on the website title, but could include other customization options in the future. The tmplr setup can be re-run at any time by running
npx tmplr
from the project's root directory.
mkdir portal-test && cd portal-test && npx tmplr solo-io/dev-portal-starter#main
- This command uses tmplr for personalization of your developer portal. Currently, this just includes adding your company name, which shows up on the home page and on the website title, but could include other customization options in the future. The tmplr setup can be re-run at any time by running
-
Build your image.
docker build -t "your-image-name" .
-
Push your image:
docker push "your-image-name"
-
Go through the steps on the solo.io docs site to set up dev portal resources and deploy your image. Use the same image name that you used to build the image for the portal-frontend deployment's
spec.template.containers.image
field.
-
If you would like to run your image outside the mesh you will need to:
-
Update your auth provider to enable the PKCE auth flow.
-
Update your portal server's
CorsPolicy
to include your portal frontend's domain. -
Update your portal server's
ExtAuthPolicy
to include the inlineJWKs from your auth provider. -
Run your portal frontend app with this command, replacing the variables to match your configuration:
docker run \ --name portal-frontend \ -p 4000:4000 \ -e VITE_PORTAL_SERVER_URL="/v1" \ -e VITE_CLIENT_ID="your-client-id" \ -e VITE_TOKEN_ENDPOINT="your-token-endpoint" \ -e VITE_AUTH_ENDPOINT="your-auth-endpoint" \ -e VITE_LOGOUT_ENDPOINT="your-logout-endpoint" \ "your-image-name"
-
If running this app in the mesh with an
ExtAuthPolicy
that has an "oidcAuthorizationCode" config, you will need to update the image name and environment variables in your portal frontend deployment. See the Environment Variables if using an oidcAuthorizationCode ExtAuthPolicy of this Readme for more details.
-
Prerequisites for Local Development:
-
Install Node v16.14.2 and yarn
-
Create a
.env.local
file in theprojects/ui
folder. Replace environment variable values to match your Gloo Platform Portal and oauth provider's installation. This file is ignored by git.VITE_PORTAL_SERVER_URL="/v1" VITE_CLIENT_ID="your-client-id" VITE_TOKEN_ENDPOINT="your-token-endpoint" VITE_AUTH_ENDPOINT="your-auth-endpoint" VITE_LOGOUT_ENDPOINT="your-logout-endpoint"
Sample values for Keycloak
VITE_PORTAL_SERVER_URL="/v1" VITE_CLIENT_ID="your-client-id" # the client registered in the Auth Server VITE_TOKEN_ENDPOINT="https://${KEYCLOAK_URL}/realms/master/protocol/openid-connect/token" VITE_AUTH_ENDPOINT="https://${KEYCLOAK_URL}/realms/master/protocol/openid-connect/auth" VITE_LOGOUT_ENDPOINT="https://${KEYCLOAK_URL}/realms/master/protocol/openid-connect/logout"
-
Run the UI locally:
make run-ui
UI iteration can also be done with Storybook. Storybook can run without any kubernetes resources set up. API responses are mocked using react-magnetic-di and @faker-js/faker. The Storybook server can be run on http:localhost:6006 using the command:
make run-storybook
The initial setup with tmplr can be re-run at any time by running npx tmplr
from the project's root directory.
The API details page includes a button to toggle between the Redoc and Swagger views, showing the Redoc view by default. Swagger can be changed to be the default view by modifying ApiSchemaDisplay.tsx
.
Components from the Mantine library are used across the app. Both Mantine and custom components use the colors defined in ./projects/ui/src/Styles/colors.ts
. See ./projects/ui/src/Styles/global-styles/mantine-theme.ts
for how this maps to the Mantine library components.
The simplest way to replace the logo used in the top-left of the page is to replace the logo.svg
file found at the top of the /Assets
folder.
Other images are intended as samples, but are reusable. They can be found at the top level of the /Assets
folder as well, except for the favicon which is found in /public
.
All icons can be found, as the others, in the /Assets
folder, inside /Icons
. The icons are all SVGs where the colors can be overriden by styling them or by modifying the SVG file. If an icon is added and you want to insert it with our standard approach of <Icon.some-icon-name />
you will need to also add a reference to it in the Icons.tsx
file found in the same folder.
You can add these environment variables to a .env.local
file in the projects/ui
folder. All Vite environment variables need to start with VITE_
in order for the app to be able to read them.
VITE_COMPANY_NAME
- This is the company name that is used for your Portal.VITE_PORTAL_SERVER_URL
- This is the URL for the Gloo Platform Portal REST server. The default value is "/v1".- Note: If using the example
RouteTable
for the "oidcAuthorizationCode"ExtAuthPolicy
configuration, this should be set to "/portal-server/v1"
- Note: If using the example
VITE_SWAGGER_CONFIG_URL
- This is an optional URL for your Swagger configuration file. The URL can be an absolute or relative path, and can be a JSON or YAML file. If you would like to configure the Swagger UI using the Swagger UI configuration options, you can do this by:- setting this variable, in your
.env.local
file, to"/swagger-config.yaml"
, - editing the
/projects/ui/public/swagger-config.yaml
file, - verifying your changes (with the
make run-ui
command), - rebuilding the project.
- setting this variable, in your
VITE_AUDIENCE
- This is an optional parameter if using Auth0 and need to send an audience parameter in your authorization requests. This should not be URL encoded, since it will be URL encoded when the request is sent.VITE_HOME_IMAGE_URL
- This is an optional parameter to set the image URL on the home page.VITE_BANNER_IMAGE_URL
- This is an optional parameter to set the banner image URL for the teams, apps, subscriptions, and API's pages.VITE_LOGO_IMAGE_URL
- This is an optional parameter to set the image URL for the logo in the upper left.VITE_CUSTOM_PAGES
- This is an optional value that describes Markdown or HTML custom pages that have been added to theprojects/ui/src/public
folder. In order to test this feature out out with the provided examples, set yourVITE_CUSTOM_PAGES
value to:When the website is opened, there should be two new pages in the top navigation bar. The custom page's'[{"title": "Markdown Example", "path": "/pages/markdown-example.md"}, {"title": "HTML Example", "path": "/pages/html-example.html"}]'
path
property must be publicly accessible and end with.md
or.html
.VITE_SWAGGER_PREFILL_API_KEY
- Prefills the Swagger UI authorization configuration for an API key or Bearer authorization scheme with the specified values. This can be set using the following format:'["authDefinitionKey", "apiKeyValue"]'
, where "authDefinitionKey" is the key name of the security scheme to use from the API definition. In case of OpenAPI 3.0 Bearer scheme,apiKeyValue
must contain just the token itself without the Bearer prefix. To use the logged in user's authorization token for theapiKeyValue
, you may use the following syntax:'["authDefinitionKey", "{{USER_TOKEN}}"]'
.VITE_SWAGGER_PREFILL_OAUTH
- Prefills the Swagger UI authorization configuration for an OAuth server. This variable should be set to a serialized JSON object that is the OAuth2 configuration. See the Swagger UI OAuth2 documentation for more information.- Converting the example object from the Swagger UI documentation to a string would result in the following:
VITE_SWAGGER_PREFILL_OAUTH='{"clientId": "your-client-id","clientSecret": "your-client-secret-if-required","realm": "your-realms","appName": "your-app-name","scopeSeparator": " ","scopes": "openid profile","additionalQueryStringParams": {"test": "hello"},"useBasicAuthenticationWithAccessCodeGrant": true,"usePkceWithAuthorizationCodeGrant": true}'
VITE_SWAGGER_PREFILL_BASIC
- Prefills the Swagger UI authorization configuration for a Basic authorization scheme. This can be set using the following format:'["authDefinitionKey", "username", "password"]'
.VITE_DEFAULT_APP_AUTH
- This controls whether the OAuth and/or API Key sections are shown on the App details page. Can be set to"OAUTH"
,"API_KEY"
, or"ALL"
. Defaults to"ALL"
.VITE_API_PAGE_RELOAD
- This is an optional parameter that ensures the API page reloads when navigating to it when set to"true"
. This is useful when gating the API page behind an auth flow.
These variables are required if your authorization server is configured to use the PKCE auth flow. If this app is hosted outside the mesh, then the PKCE auth flow must be used.
VITE_CLIENT_ID
- The oauth client id. In Keycloak, this is shown in the client settings of your keycloak instances UI:<your-keycloak-url>/auth
.VITE_TOKEN_ENDPOINT
- This is the endpoint to get the oauth token. In Keycloak, this is thetoken_endpoint
property from:<your-keycloak-url>/realms/<your-realm>/.well-known/openid-configuration
..VITE_AUTH_ENDPOINT
- This is the endpoint to get the PKCE authorization code. In Keycloak, this is theauthorization_code
property from:<your-keycloak-url>/realms/<your-realm>/.well-known/openid-configuration
.VITE_LOGOUT_ENDPOINT
- This is the endpoint to end your session. In Keycloak, this is theend_session_endpoint
property from:<your-keycloak-url>/realms/<your-realm>/.well-known/openid-configuration
.
These variables are required if this app is hosted in your mesh, behind a Gloo Platform RouteTable
that uses an ExtAuthPolicy
with an "oidcAuthorizationCode" config. In this configuration, your authorization server must be configured to use client id + secret authentication. The ExtAuthPolicy
in this configuration will handle user sessions with a browser cookie.
VITE_APPLIED_OIDC_AUTH_CODE_CONFIG
- This must be set to "true" if using the "oidcAuthorizationCode" config.VITE_OIDC_AUTH_CODE_CONFIG_CALLBACK_PATH
- This is the "callbackPath" value of your "oidcAuthorizationCode" config.VITE_OIDC_AUTH_CODE_CONFIG_LOGOUT_PATH
- This is the "logoutPath" value of your "oidcAuthorizationCode" config.
In your Keycloak administration console, make sure that "Direct Access Grants" is enabled in your client settings, and "Web Origins" is set to *
When making a new release, use the GitHub UI, and name your release in the format: v1.2.3. When the release is published, a new branch will be made (v1.2.x), and a build of that version will be tagged and published to gcr.io/solo-public/docs/portal-frontend:v1.2.3 (replacing v1.2.3 with your tag name).