37 lines
1.4 KiB
Markdown
37 lines
1.4 KiB
Markdown
# Containerization Runbook
|
|
|
|
## Image Build
|
|
|
|
If the repo consumes internal packages from Gitea, pass feed credentials as build args.
|
|
|
|
```bash
|
|
docker build --build-arg NUGET_FEED_USERNAME=<gitea-login> --build-arg NUGET_FEED_TOKEN=<gitea-token> -t agilewebs/thalos-bff:dev .
|
|
```
|
|
|
|
## Local Run
|
|
|
|
```bash
|
|
docker run --rm -p 8080:8080 \
|
|
-e ThalosService__GrpcAddress=http://thalos-service:8081 \
|
|
-e ThalosBff__Oidc__Google__ClientId=<google-client-id> \
|
|
-e ThalosBff__Oidc__Google__ClientSecret=<google-client-secret> \
|
|
-e ThalosBff__Oidc__Google__RedirectUri=https://auth.dream-views.com/api/identity/oidc/google/callback \
|
|
-e ThalosBff__Oidc__StateSigningSecret=<state-signing-secret> \
|
|
-e ThalosBff__SessionCookieSecure=true \
|
|
-e ThalosBff__SessionCookieDomain=.dream-views.com \
|
|
--name thalos-bff agilewebs/thalos-bff:dev
|
|
```
|
|
|
|
## Health Probe
|
|
|
|
- Path: `/health`
|
|
- Fallback path: `/healthz`
|
|
- Port: `8080`
|
|
|
|
## Runtime Notes
|
|
|
|
- Requires `ThalosService__GrpcAddress` to target thalos-service in distributed runs.
|
|
- gRPC client contract protobuf is vendored at `src/Thalos.Bff.Rest/Protos/identity_runtime.proto` to keep image builds repo-local.
|
|
- OIDC callback requires `ThalosBff__Oidc__Google__ClientId`, `ClientSecret`, `RedirectUri`, and `StateSigningSecret`.
|
|
- For cross-subdomain SPA auth, set `ThalosBff__SessionCookieDomain=.dream-views.com` and secure cookies in non-local environments.
|