openanalytics
diff --git a/‎src/main/java/eu/openanalytics/containerproxy/ContainerProxyApplication.java‎
Lines changed: 7 additions & 2 deletions b/‎src/main/java/eu/openanalytics/containerproxy/ContainerProxyApplication.java‎
Lines changed: 7 additions & 2 deletions
diff --git a/‎src/main/java/eu/openanalytics/containerproxy/auth/IAuthenticationBackend.java‎
Lines changed: 2 additions & 3 deletions b/‎src/main/java/eu/openanalytics/containerproxy/auth/IAuthenticationBackend.java‎
Lines changed: 2 additions & 3 deletions
diff --git a/‎src/main/java/eu/openanalytics/containerproxy/auth/impl/KerberosAuthenticationBackend.java‎
Lines changed: 4 additions & 3 deletions b/‎src/main/java/eu/openanalytics/containerproxy/auth/impl/KerberosAuthenticationBackend.java‎
Lines changed: 4 additions & 3 deletions
diff --git a/‎src/main/java/eu/openanalytics/containerproxy/auth/impl/OpenIDAuthenticationBackend.java‎
Lines changed: 3 additions & 3 deletions b/‎src/main/java/eu/openanalytics/containerproxy/auth/impl/OpenIDAuthenticationBackend.java‎
Lines changed: 3 additions & 3 deletions
diff --git a/‎src/main/java/eu/openanalytics/containerproxy/backend/AbstractContainerBackend.java‎
Lines changed: 37 additions & 43 deletions b/‎src/main/java/eu/openanalytics/containerproxy/backend/AbstractContainerBackend.java‎
Lines changed: 37 additions & 43 deletions
diff --git a/‎src/main/java/eu/openanalytics/containerproxy/backend/docker/AbstractDockerBackend.java‎
Lines changed: 13 additions & 0 deletions b/‎src/main/java/eu/openanalytics/containerproxy/backend/docker/AbstractDockerBackend.java‎
Lines changed: 13 additions & 0 deletions
diff --git a/‎src/main/java/eu/openanalytics/containerproxy/backend/docker/DockerEngineBackend.java‎
Lines changed: 8 additions & 2 deletions b/‎src/main/java/eu/openanalytics/containerproxy/backend/docker/DockerEngineBackend.java‎
Lines changed: 8 additions & 2 deletions
@@ -92,6 +92,7 @@ public static void main(String[] args) {
 		}
 	}
 
+
 	@PostConstruct
 	public void init() {
 		if (environment.getProperty("server.use-forward-headers") != null) {
@@ -183,7 +184,7 @@ public HttpSessionEventPublisher httpSessionEventPublisher() {
 		return new HttpSessionEventPublisher();
 	}
 
-	private static void setDefaultProperties(SpringApplication app) {
+	public static Properties getDefaultProperties() {
 		Properties properties = new Properties();
 
 		// use in-memory session storage by default. Can be overwritten in application.yml
@@ -230,7 +231,11 @@ private static void setDefaultProperties(SpringApplication app) {
 
 		// ====================
 
-		app.setDefaultProperties(properties);
+		return properties;
+	}
+
+	private static void setDefaultProperties(SpringApplication app) {
+		app.setDefaultProperties(getDefaultProperties());
 	}
 
 }
@@ -20,11 +20,10 @@
  */
 package eu.openanalytics.containerproxy.auth;
 
-import java.util.List;
+import java.util.Map;
 
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer;
 import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.AuthorizedUrl;
 
 import eu.openanalytics.containerproxy.model.spec.ContainerSpec;
@@ -68,7 +67,7 @@ public default void customizeContainer(ContainerSpec spec) {
 		// Default: do nothing.
 	}
 
-	public default void customizeContainerEnv(List<String> env) {
+	public default void customizeContainerEnv(Map<String, String> env) {
 		// Default: do nothing.
 	}
 
 
@@ -24,6 +24,7 @@
 import java.util.ArrayList;
 import java.util.Collections;
 import java.util.List;
+import java.util.Map;
 
 import javax.inject.Inject;
 
@@ -157,10 +158,10 @@ public void customizeContainer(ContainerSpec spec) {
 	}
 
 	@Override
-	public void customizeContainerEnv(List<String> env) {
+	public void customizeContainerEnv(Map<String, String> env) {
 		String principal = getCurrentPrincipal();
-		env.add("REMOTE_USER=" + principal);
-		env.add("KRB5CCNAME=FILE:/tmp/kerberos/ccache");
+		env.put("REMOTE_USER", principal);
+		env.put("KRB5CCNAME", "FILE:/tmp/kerberos/ccache");
 	}
 
 	private String getCurrentPrincipal() {
 
@@ -139,16 +139,16 @@ public String getLogoutSuccessURL() {
 	}
 
 	@Override
-	public void customizeContainerEnv(List<String> env) {
+	public void customizeContainerEnv(Map<String, String> env) {
 		Authentication auth = SecurityContextHolder.getContext().getAuthentication();
 		if (auth == null) return;
 
 		OidcUser user = (OidcUser) auth.getPrincipal();
 		HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest();
 		OAuth2AuthorizedClient client = oAuth2AuthorizedClientRepository.loadAuthorizedClient(REG_ID, auth, request);
 		if (client == null || client.getAccessToken() == null) return;
-		
-		env.add(ENV_TOKEN_NAME + "=" + client.getAccessToken().getTokenValue());
+
+		env.put(ENV_TOKEN_NAME, client.getAccessToken().getTokenValue());
 	}
 
 	protected ClientRegistrationRepository createClientRepo() {
 
@@ -33,6 +33,15 @@
 import eu.openanalytics.containerproxy.model.runtime.Container;
 import eu.openanalytics.containerproxy.model.runtime.Proxy;
 import eu.openanalytics.containerproxy.model.runtime.ProxyStatus;
+import eu.openanalytics.containerproxy.model.runtime.runtimevalues.CreatedTimestampKey;
+import eu.openanalytics.containerproxy.model.runtime.runtimevalues.InstanceIdKey;
+import eu.openanalytics.containerproxy.model.runtime.runtimevalues.ProxiedAppKey;
+import eu.openanalytics.containerproxy.model.runtime.runtimevalues.ProxyIdKey;
+import eu.openanalytics.containerproxy.model.runtime.runtimevalues.ProxySpecIdKey;
+import eu.openanalytics.containerproxy.model.runtime.runtimevalues.RealmIdKey;
+import eu.openanalytics.containerproxy.model.runtime.runtimevalues.RuntimeValue;
+import eu.openanalytics.containerproxy.model.runtime.runtimevalues.UserGroupsKey;
+import eu.openanalytics.containerproxy.model.runtime.runtimevalues.UserIdKey;
 import eu.openanalytics.containerproxy.model.spec.ContainerSpec;
 import eu.openanalytics.containerproxy.service.UserService;
 import eu.openanalytics.containerproxy.spec.expression.ExpressionAwareContainerSpec;
@@ -57,7 +66,6 @@
 import java.util.function.BiConsumer;
 import java.util.regex.Matcher;
 import java.util.regex.Pattern;
-import java.util.stream.Collectors;
 
 public abstract class AbstractContainerBackend implements IContainerBackend {
 
@@ -69,20 +77,6 @@ public abstract class AbstractContainerBackend implements IContainerBackend {
 
 	protected static final String DEFAULT_TARGET_PROTOCOL = "http";
 
-	//TODO rename vars?
-	protected static final String ENV_VAR_USER_NAME = "SHINYPROXY_USERNAME";
-	protected static final String ENV_VAR_USER_GROUPS = "SHINYPROXY_USERGROUPS";
-	protected static final String ENV_VAR_REALM_ID = "SHINYPROXY_REALM_ID";
-	
-	protected static final String RUNTIME_LABEL_PROXY_ID = "openanalytics.eu/sp-proxy-id";
-	protected static final String RUNTIME_LABEL_USER_ID = "openanalytics.eu/sp-user-id";
-	protected static final String RUNTIME_LABEL_USER_GROUPS = "openanalytics.eu/sp-user-groups";
-	protected static final String RUNTIME_LABEL_REALM_ID = "openanalytics.eu/sp-realm-id";
-	protected static final String RUNTIME_LABEL_PROXY_SPEC_ID = "openanalytics.eu/sp-spec-id";
-	protected static final String RUNTIME_LABEL_CREATED_TIMESTAMP = "openanalytics.eu/sp-proxy-created-timestamp";
-	protected static final String RUNTIME_LABEL_PROXIED_APP = "openanalytics.eu/sp-proxied-app";
-	protected static final String RUNTIME_LABEL_INSTANCE = "openanalytics.eu/sp-instance";
-
 	protected final Logger log = LogManager.getLogger(getClass());
 
 	private boolean useInternalNetwork;
@@ -131,6 +125,7 @@ public SuccessOrFailure<Proxy> startProxy(Proxy proxy) throws ContainerProxyExce
 		proxy.setId(UUID.randomUUID().toString());
 		proxy.setStatus(ProxyStatus.Starting);
 		proxy.setCreatedTimestamp(System.currentTimeMillis());
+		setRuntimeValues(proxy);
 
 		try {
 			doStartProxy(proxy);
@@ -161,20 +156,6 @@ protected void doStartProxy(Proxy proxy) throws Exception {
 		for (ContainerSpec spec: proxy.getSpec().getContainerSpecs()) {
 			if (authBackend != null) authBackend.customizeContainer(spec);
 
-			// add labels need for App Recovery and maintenance
-			spec.addRuntimeLabel(RUNTIME_LABEL_PROXIED_APP, true, "true");
-			spec.addRuntimeLabel(RUNTIME_LABEL_INSTANCE, true, instanceId);
-
-			spec.addRuntimeLabel(RUNTIME_LABEL_PROXY_ID, false, proxy.getId());
-			spec.addRuntimeLabel(RUNTIME_LABEL_PROXY_SPEC_ID, false, proxy.getSpec().getId());
-			if (realmId != null) {
-				spec.addRuntimeLabel(RUNTIME_LABEL_REALM_ID, false, realmId);
-			}
-			spec.addRuntimeLabel(RUNTIME_LABEL_USER_ID, false, proxy.getUserId());
-			String[] groups = userService.getGroups(userService.getCurrentAuth());
-			spec.addRuntimeLabel(RUNTIME_LABEL_USER_GROUPS, false, String.join(",", groups));
-			spec.addRuntimeLabel(RUNTIME_LABEL_CREATED_TIMESTAMP, false, String.valueOf(proxy.getCreatedTimestamp()));
-
 			ExpressionAwareContainerSpec eSpec = new ExpressionAwareContainerSpec(spec,
 					proxy,
 					expressionResolver,
@@ -238,35 +219,31 @@ protected Long memoryToBytes(String memory) {
 		}
 		return mem;
 	}
-	
-	protected List<String> buildEnv(ContainerSpec containerSpec, Proxy proxy) throws IOException {
-		List<String> env = new ArrayList<>();
-		env.add(String.format("%s=%s", ENV_VAR_USER_NAME, proxy.getUserId()));
-		
-		String[] groups = userService.getGroups(userService.getCurrentAuth());
-		env.add(String.format("%s=%s", ENV_VAR_USER_GROUPS, Arrays.stream(groups).collect(Collectors.joining(","))));
-		
-		String realmId = environment.getProperty("proxy.realm-id");
-		if (realmId != null) {
-			env.add(String.format("%s=%s", ENV_VAR_REALM_ID, realmId)); 
+
+	protected Map<String, String> buildEnv(ContainerSpec containerSpec, Proxy proxy) throws IOException {
+        Map<String, String> env = new HashMap<>();
+
+        for (RuntimeValue runtimeValue : proxy.getRuntimeValues().values()) {
+			if (runtimeValue.getKey().getIncludeAsEnvironmentVariable()) {
+                env.put(runtimeValue.getKey().getKeyAsEnvVar(),  runtimeValue.getValue());
+			}
 		}
 
 		String envFile = containerSpec.getEnvFile();
 		if (envFile != null && Files.isRegularFile(Paths.get(envFile))) {
 			Properties envProps = new Properties();
 			envProps.load(new FileInputStream(envFile));
 			for (Object key: envProps.keySet()) {
-				env.add(String.format("%s=%s", key, envProps.get(key)));
+				env.put(key.toString(), envProps.get(key).toString());
 			}
 		}
 
 		if (containerSpec.getEnv() != null) {
 			for (Map.Entry<String, String> entry : containerSpec.getEnv().entrySet()) {
-				env.add(String.format("%s=%s", entry.getKey(), entry.getValue()));
+                env.put(entry.getKey(), entry.getValue());
 			}
 		}
 
-		// Allow the authentication backend to add values to the environment, if needed.
 		if (authBackend != null) authBackend.customizeContainerEnv(env);
 
 		return env;
@@ -352,4 +329,21 @@ public static String computeTargetPath(String targetPath) {
 
 		return targetPath;
 	}
+
+	private void setRuntimeValues(Proxy proxy) {
+		proxy.addRuntimeValue(new RuntimeValue(ProxiedAppKey.inst, "true"));
+		proxy.addRuntimeValue(new RuntimeValue(ProxyIdKey.inst, proxy.getId()));
+		proxy.addRuntimeValue(new RuntimeValue(InstanceIdKey.inst, instanceId));
+		proxy.addRuntimeValue(new RuntimeValue(ProxySpecIdKey.inst, proxy.getSpec().getId()));
+
+		if (realmId != null) {
+			proxy.addRuntimeValue(new RuntimeValue(RealmIdKey.inst, realmId));
+		}
+
+		proxy.addRuntimeValue(new RuntimeValue(UserIdKey.inst, proxy.getUserId()));
+		String[] groups = userService.getGroups(userService.getCurrentAuth());
+		proxy.addRuntimeValue(new RuntimeValue(UserGroupsKey.inst, String.join(",", groups)));
+		proxy.addRuntimeValue(new RuntimeValue(CreatedTimestampKey.inst, Long.toString(proxy.getCreatedTimestamp())));
+	}
+
 }
@@ -23,6 +23,9 @@
 import java.io.IOException;
 import java.io.OutputStream;
 import java.nio.file.Paths;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Map;
 import java.util.function.BiConsumer;
 
 import com.spotify.docker.client.DefaultDockerClient;
@@ -108,4 +111,14 @@ protected Container getPrimaryContainer(Proxy proxy) {
 	}
 
 
+	protected List<String> convertEnv(Map<String, String> env) {
+		List<String> res = new ArrayList<>();
+
+		for (Map.Entry<String, String> envVar : env.entrySet()) {
+			res.add(String.format("%s=%s", envVar.getKey(), envVar.getValue()));
+		}
+
+		return res;
+	}
+
 }
@@ -38,6 +38,7 @@
 
 import eu.openanalytics.containerproxy.model.runtime.Container;
 import eu.openanalytics.containerproxy.model.runtime.Proxy;
+import eu.openanalytics.containerproxy.model.runtime.runtimevalues.RuntimeValue;
 import eu.openanalytics.containerproxy.model.spec.ContainerSpec;
 
 public class DockerEngineBackend extends AbstractDockerBackend {
@@ -74,15 +75,20 @@ protected Container startContainer(ContainerSpec spec, Proxy proxy) throws Excep
 		hostConfigBuilder.privileged(isPrivileged() || spec.isPrivileged());
 
 		Map<String, String> labels = spec.getLabels();
-		spec.getRuntimeLabels().forEach((key, value) -> labels.put(key, value.getSecond()));
+
+		for (RuntimeValue runtimeValue : proxy.getRuntimeValues().values()) {
+			if (runtimeValue.getKey().getIncludeAsLabel() || runtimeValue.getKey().getIncludeAsAnnotation()) {
+				labels.put(runtimeValue.getKey().getKeyAsLabel(), runtimeValue.getValue());
+			}
+		}
 
 		ContainerConfig containerConfig = ContainerConfig.builder()
 			    .hostConfig(hostConfigBuilder.build())
 			    .image(spec.getImage())
 			    .labels(labels)
 			    .exposedPorts(portBindings.keySet())
 			    .cmd(spec.getCmd())
-			    .env(buildEnv(spec, proxy))
+			    .env(convertEnv(buildEnv(spec, proxy)))
 			    .build();
 		ContainerCreation containerCreation = dockerClient.createContainer(containerConfig);
Original file line number	Diff line number	Diff line change
`@@ -92,6 +92,7 @@ public static void main(String[] args) {`
`92`	`92`	`}`
`93`	`93`	`}`
`94`	`94`
	`95`	`+`
`95`	`96`	`@PostConstruct`
`96`	`97`	`public void init() {`
`97`	`98`	`if (environment.getProperty("server.use-forward-headers") != null) {`
`@@ -183,7 +184,7 @@ public HttpSessionEventPublisher httpSessionEventPublisher() {`
`183`	`184`	`return new HttpSessionEventPublisher();`
`184`	`185`	`}`
`185`	`186`
`186`		`- private static void setDefaultProperties(SpringApplication app) {`
	`187`	`+ public static Properties getDefaultProperties() {`
`187`	`188`	`Properties properties = new Properties();`
`188`	`189`
`189`	`190`	`// use in-memory session storage by default. Can be overwritten in application.yml`
`@@ -230,7 +231,11 @@ private static void setDefaultProperties(SpringApplication app) {`
`230`	`231`
`231`	`232`	`// ====================`
`232`	`233`
`233`		`- app.setDefaultProperties(properties);`
	`234`	`+ return properties;`
	`235`	`+ }`
	`236`	`+`
	`237`	`+ private static void setDefaultProperties(SpringApplication app) {`
	`238`	`+ app.setDefaultProperties(getDefaultProperties());`
`234`	`239`	`}`
`235`	`240`
`236`	`241`	`}`