udash

= Udash
Another Updatecli Dashboard

IMPORTANT: This project is still in a very early stage, more to come

== Description

Udash is an Updatecli backend application. Its mission is to visualize Updatecli pipeline report and to provide various insights such as Git repositories "update" state.

**Pipeline Report**

Updatecli can be configured to upload pipeline reports after each execution. The goal is to have a central place to visualize all pipelines for a specific project.

**Insight**

Insight reuse pipeline report to provide a visualization per theme such as the state for all dependencies for a specific git repository.

__Still work in progress__

== Demo

The best way to discover Udash is to try it yourself. There is a docker compose example available in the demo directory.

Deploy Udash with the following steps:

1. Make sure you have Docker and Docker Compose installed.
2. Run `docker compose up -d` in the directory `demo`.
3. Configure your browser to access Udash at `http://localhost:8080`.
4. Run `updatecli udash login "http://localhost" --experimental` to configure Updatecli to upload reports to Udash.
5. Then you can run any updatecli command (apply/diff) to start publishing reports to Udash

INFO: You may have to run `docker compose restart server` if the postgresql database
 wasn't ready in time to receive connections when the Udash server started.

Don't worry if you don't have any Updatecli manifest yet, you can still try the demo by using the Updatecli policies used by this Git repository.
For that you need Updatecli and GitHub access token to interact with the GitHub API.

You can run the following commands to configure Updatecli to use the policies defined in this repository:

1. `export GITHUB_TOKEN=<your-github-token>`
2. `export GITHUB_ACTOR=<your-github-username>`
3. `docker login ghcr.io` to authenticate on the GitHub Container Registry for pullling Updatecli policies
4. `updatecli compose diff --experimental` to execute Updatecli policies  defined in the file `updatecli-compose.yaml`



== Architecture

=== Requirements

Udash application requires a postgresql database to store the various pipeline reports, and an oauth provider to handle authorization.

**Postgresql Database**

**OAuth provider**

The oauth provider **must** allow the PKCE flow.

* Auth0 (tested)
* GitHub link:https://docs.github.com/en/apps/oauth-apps/building-oauth-apps/authorizing-oauth-apps#1-request-a-users-github-identity[Not supported yet]
* link:https://docs.gitlab.com/ee/api/oauth2.html[GitLab]
* link:https://github.com/dexidp/dex/issues/2244[Dex]
* link:https://www.keycloak.org/docs/latest/securing_apps/#_installed_adapter[Keycloak]

=== Udash API

==== Documentation

The api documentation is available at `/swagger/index.html` or in the docs directory.

==== Option

Udash must be configured via a configuration file, and some settings can be overridden by environment variables


**Config File**

The configuration file must be one of ["/etc/udash/config.yaml", "~/.udash/config.yaml","~/config.yaml"]

```
    server:
      auth:
        #  If mode is unset then authentication is disabled
        mode: "oauth"
        issuer: "auth0 auth URL"
        audience: "udash URL"
    database:
      # uri defines the postgresql URI used to connect with its database
      uri: "postgresql URI"
```

**Environment**

* **UDASH_AUTH_MODE**: Enable authentication Accept value ["","none","oauth"]
* **UDASH_AUTH_ISSUER**: Define oauth domain url require `UDASH_AUTH_MODE` set to "oauth"
* **UDASH_AUTH_AUDIENCE**: Define oauth audience require `UDASH_AUTH_MODE` set to "oauth"
* **UDASH_DB_URI**: Define the postgresql URI

=== Udash Frontend

==== Option

Even though the Udash frontend is a client-side javascript application, it expects two configuration files that must exist in the `public` directory.

** config.js

```
const config = (() => {
  return {
    "OAUTH_DOMAIN": "updatecli.example.oauth.com",
    "OAUTH_CLIENTID": "86FVLxxxxxxxxxxxxxxxxxx",
    "OAUTH_AUDIENCE": "http://app.updatecli.io/api"
  };
})();
```

`config.js` is used by the frontend application for the login

** config.json

```
{
  "OAUTH_DOMAIN": "updatecli.example.oauth.com",
  "OAUTH_CLIENTID": "86FVLxxxxxxxxxxxxxxxxxx",
  "OAUTH_AUDIENCE": "http://app.updatecli.io/api"
}
```

`config.json` is used by the Updatecli application to retrieve oauth setting when running:

`updatecli login http://app.updatecli.io`

=== Updatecli

Updatecli is expected to run as usual from CI environment. 

But it must be authenticated before uploading any reports, by running:

`updatecli login "https://app.updatecli.io" --experimental`

Then any apply/diff command will upload pipeline reports



=== Demo

You can try Udash yourself by running the following steps:

==== 1. Start Udash

Udash is composed of a Postgresql database, an Updatecli API, and an Updatecli Frontend.

Using Docker, you can start all services with the following command:

`docker compose --file docker-compose.example.yaml up`

Please keep in mind that no authentication is enabled in this example.

Udash is now available on `udash.localhost` and the API on `udash.localhost/api`

==== 2. Configure Updatecli

Once Udash is running, you can configure Updatecli to upload reports to Udash by running:

`updatecli udash login --api-url http://udash.localhost/api http://udash.localhost --experimental`

==== 3. Run Updatecli

You can now run Updatecli as usual, and it will upload the pipeline report to Udash.

Please be aware that currently the UI is designed to visualize pipelines per git repository so without a scmid
pipelines will be hard to discover.

=== Roadmap

- [ ] Versioned API endpoint
- [ ] Add tests
- [ ] Add sql linting check using sqlfluff
- [ ] Support paginationhttps://meet.google.com/vnj-momt-brs?authuser=0

=== Links

* https://github.com/updatecli/updatecli[Updatecli]
* https://github.com/updatecli/udash-front[Udash Frontend]
* https://github.com/updatecli/charts[Helm Chart]