Merge pull request #6511 from Budibase/seed-admin-user

Add env vars to automatically create initial admin user on first run
This commit is contained in:
Martin McKeaveney 2022-07-11 10:04:05 +01:00 committed by GitHub
commit 44ddfdc626
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
8 changed files with 65 additions and 2 deletions

View File

@ -122,6 +122,10 @@ spec:
value: {{ .Values.globals.automationMaxIterations | quote }} value: {{ .Values.globals.automationMaxIterations | quote }}
- name: TENANT_FEATURE_FLAGS - name: TENANT_FEATURE_FLAGS
value: {{ .Values.globals.tenantFeatureFlags | quote }} value: {{ .Values.globals.tenantFeatureFlags | quote }}
- name: BB_ADMIN_USER_EMAIL
value: { { .Values.globals.bbAdminUserEmail | quote } }
- name: BB_ADMIN_USER_PASSWORD
value: { { .Values.globals.bbAdminUserPassword | quote } }
image: budibase/apps:{{ .Values.globals.appVersion }} image: budibase/apps:{{ .Values.globals.appVersion }}
imagePullPolicy: Always imagePullPolicy: Always

View File

@ -19,3 +19,7 @@ COUCH_DB_PORT=4005
REDIS_PORT=6379 REDIS_PORT=6379
WATCHTOWER_PORT=6161 WATCHTOWER_PORT=6161
BUDIBASE_ENVIRONMENT=PRODUCTION BUDIBASE_ENVIRONMENT=PRODUCTION
# An admin user can be automatically created initially if these are set
BB_ADMIN_USER_EMAIL=
BB_ADMIN_USER_PASSWORD=

View File

@ -23,6 +23,8 @@ services:
ENABLE_ANALYTICS: "true" ENABLE_ANALYTICS: "true"
REDIS_URL: redis-service:6379 REDIS_URL: redis-service:6379
REDIS_PASSWORD: ${REDIS_PASSWORD} REDIS_PASSWORD: ${REDIS_PASSWORD}
BB_ADMIN_USER_EMAIL: ${BB_ADMIN_USER_EMAIL}
BB_ADMIN_USER_PASSWORD: ${BB_ADMIN_USER_PASSWORD}
depends_on: depends_on:
- worker-service - worker-service
- redis-service - redis-service

View File

@ -19,3 +19,7 @@ COUCH_DB_PORT=4005
REDIS_PORT=6379 REDIS_PORT=6379
WATCHTOWER_PORT=6161 WATCHTOWER_PORT=6161
BUDIBASE_ENVIRONMENT=PRODUCTION BUDIBASE_ENVIRONMENT=PRODUCTION
# An admin user can be automatically created initially if these are set
BB_ADMIN_USER_EMAIL=
BB_ADMIN_USER_PASSWORD=

View File

@ -56,6 +56,8 @@ async function init() {
DISABLE_THREADING: 1, DISABLE_THREADING: 1,
SERVICE: "app-service", SERVICE: "app-service",
DEPLOYMENT_ENVIRONMENT: "development", DEPLOYMENT_ENVIRONMENT: "development",
BB_ADMIN_USER_EMAIL: "",
BB_ADMIN_USER_PASSWORD: "",
} }
let envFile = "" let envFile = ""
Object.keys(envFileJson).forEach(key => { Object.keys(envFileJson).forEach(key => {

View File

@ -18,7 +18,9 @@ const { logAlert } = require("@budibase/backend-core/logging")
const { Thread } = require("./threads") const { Thread } = require("./threads")
import redis from "./utilities/redis" import redis from "./utilities/redis"
import * as migrations from "./migrations" import * as migrations from "./migrations"
import { events, installation } from "@budibase/backend-core" import { events, installation, tenancy } from "@budibase/backend-core"
import { createAdminUser, getChecklist } from "./utilities/workerRequests"
import { tenantSucceeded } from "@budibase/backend-core/dist/src/events/publishers/backfill"
const app = new Koa() const app = new Koa()
@ -110,6 +112,33 @@ module.exports = server.listen(env.PORT || 0, async () => {
} }
} }
// check and create admin user if required
if (
env.SELF_HOSTED &&
!env.MULTI_TENANCY &&
env.BB_ADMIN_USER_EMAIL &&
env.BB_ADMIN_USER_PASSWORD
) {
const checklist = await getChecklist()
if (!checklist?.adminUser?.checked) {
try {
const tenantId = tenancy.getTenantId()
await createAdminUser(
env.BB_ADMIN_USER_EMAIL,
env.BB_ADMIN_USER_PASSWORD,
tenantId
)
console.log(
"Admin account automatically created for",
env.BB_ADMIN_USER_EMAIL
)
} catch (e) {
logAlert("Error creating initial admin user. Exiting.", e)
shutdown()
}
}
}
// check for version updates // check for version updates
await installation.checkInstallVersion() await installation.checkInstallVersion()

View File

@ -74,6 +74,8 @@ module.exports = {
DYNAMO_ENDPOINT: process.env.DYNAMO_ENDPOINT, DYNAMO_ENDPOINT: process.env.DYNAMO_ENDPOINT,
QUERY_THREAD_TIMEOUT: parseIntSafe(process.env.QUERY_THREAD_TIMEOUT), QUERY_THREAD_TIMEOUT: parseIntSafe(process.env.QUERY_THREAD_TIMEOUT),
SQL_MAX_ROWS: process.env.SQL_MAX_ROWS, SQL_MAX_ROWS: process.env.SQL_MAX_ROWS,
BB_ADMIN_USER_EMAIL: process.env.BB_ADMIN_USER_EMAIL,
BB_ADMIN_USER_PASSWORD: process.env.BB_ADMIN_USER_PASSWORD,
// flags // flags
ALLOW_DEV_AUTOMATIONS: process.env.ALLOW_DEV_AUTOMATIONS, ALLOW_DEV_AUTOMATIONS: process.env.ALLOW_DEV_AUTOMATIONS,
DISABLE_THREADING: process.env.DISABLE_THREADING, DISABLE_THREADING: process.env.DISABLE_THREADING,

View File

@ -137,3 +137,19 @@ exports.readGlobalUser = async ctx => {
) )
return checkResponse(response, "get user", { ctx }) return checkResponse(response, "get user", { ctx })
} }
exports.createAdminUser = async (email, password, tenantId) => {
const response = await fetch(
checkSlashesInUrl(env.WORKER_URL + "/api/global/users/init"),
request(null, { method: "POST", body: { email, password, tenantId } })
)
return checkResponse(response, "create admin user")
}
exports.getChecklist = async () => {
const response = await fetch(
checkSlashesInUrl(env.WORKER_URL + "/api/global/configs/checklist"),
request(null, { method: "GET" })
)
return checkResponse(response, "get checklist")
}