From 0b2b2e6e332e26de2fb86504a6b6612cad673f99 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?C=C3=A9dric=20Couralet?=
Date: Tue, 10 Oct 2023 13:28:03 +0200
Subject: [PATCH] Build & publish docker image
---
 .drone.yml | 27 ++++++++++++++++----------
 Dockerfile | 12 ++++++++++++
 httpd-custom-oidc.conf | 23 +++++++++++++++++++++++
 3 files changed, 51 insertions(+), 11 deletions(-)
 create mode 100644 Dockerfile
 create mode 100644 httpd-custom-oidc.conf
diff --git a/.drone.yml b/.drone.yml
index a39d0d6..818faf0 100644
--- a/.drone.yml
+++ b/.drone.yml
@@ -2,14 +2,19 @@ kind: pipeline
 name: Build & publish main
 steps:
- # Build mkdocs website
- - name: build
- image: squidfunk/mkdocs-material
- commands:
- - mkdocs build --site-dir public
-
- #Publish
- - name: publish
- image: python:latest
- commands:
- - ls -alR public
\ No newline at end of file
+- name: publish-image
+ pull: always
+ image: plugins/kaniko:1.7.1-kaniko1.9.1
+ settings:
+ auto_tag: true
+ auto_tag_suffix: latest
+ registry: code.groupe-genes.fr
+ repo: code.groupe-genes.fr/dsit/documentation-dsit
+ username:
+ from_secret: docker_username
+ password:
+ from_secret: docker_password
+ when:
+ event:
+ exclude:
+ - pull_request
\ No newline at end of file
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..f26bc1a
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,12 @@
+FROM squidfunk/mkdocs-material as build
+ADD mkdocs.yml .
+ADD ./docs ./docs
+RUN ls -al
+RUN mkdocs build --site-dir /public
+
+FROM httpd:2.4-bookworm
+RUN apt update -y && apt install -y --no-install-recommends libapache2-mod-auth-openidc
+RUN echo "Include conf/extra/httpd-custom-oidc.conf" >> /usr/local/apache2/conf/httpd.conf
+ADD ./httpd-custom-oidc.conf /usr/local/apache2/conf/extra/
+COPY --from=build /public /usr/local/apache2/htdocs/
+
diff --git a/httpd-custom-oidc.conf b/httpd-custom-oidc.conf
new file mode 100644
index 0000000..da4cfd8
--- /dev/null
+++ b/httpd-custom-oidc.conf
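Review bot: The `publish-image` step pins `plugins/kaniko:1.7.1-kaniko1.9.1` by tag only while `pull: always` re-fetches it on every run, so a re-tagged upstream image would execute with `docker_username` and `docker_password` in scope. Pinning the step image by digest closes that gap, e.g. `image: plugins/kaniko:1.7.1-kaniko1.9.1@sha256:<digest-of-reviewed-image>`. The `when` block excludes only `pull_request`; if publishing should happen from the main branch alone, a `branch` condition is worth adding. Whether other branches actually push an image depends on how the plugin handles `auto_tag`, which this hunk does not show.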
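Review bot: The build stage's `FROM squidfunk/mkdocs-material as build` carries no tag, so it resolves to `latest` and the published site is generated by whatever image the registry serves that day. Pin it, e.g. `FROM squidfunk/mkdocs-material:<reviewed-version> AS build`, ideally with a digest. In the runtime stage the `apt update`/`apt install` line leaves the package lists in the layer; `RUN apt-get update && apt-get install -y --no-install-recommends libapache2-mod-auth-openidc && rm -rf /var/lib/apt/lists/*` is the usual form. The three `ADD` lines copy plain local files and should be `COPY`, and `RUN ls -al` looks like leftover debugging.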
@@ -0,0 +1,23 @@
+
+LoadModule auth_openidc_module /usr/lib/apache2/modules/mod_auth_openidc.so
+
+
+
+ OIDCProviderIssuer https://auth.groupe-genes.fr/realms/ensae
+ OIDCProviderAuthorizationEndpoint https://auth.groupe-genes.fr/realms/ensae/protocol/openid-connect/auth
+ OIDCProviderJwksUri https://auth.groupe-genes.fr/realms/ensae/protocol/openid-connect/certs
+ OIDCProviderTokenEndpoint https://auth.groupe-genes.fr/realms/ensae/protocol/openid-connect/token
+ OIDCProviderUserInfoEndpoint https://auth.groupe-genes.fr/realms/ensae/protocol/openid-connect/userinfo
+ OIDCSSLValidateServer On
+ OIDCRedirectURI http://${SERVER_NAME}/oidc_redirect_uri
+ OIDCCryptoPassphrase gfdgfd
+ OIDCClientID ${OIDC_CLIENT}
+ OIDCClientSecret ${OIDC_SECRET}
+ OIDCRemoteUserClaim preferred_username
+ OIDCInfoHook userinfo
+
+
+
+AuthType openid-connect
+Require valid-user
+
\ No newline at end of file
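Review bot: `OIDCCryptoPassphrase gfdgfd` commits a short, guessable passphrase to the repository and bakes it into every published image, although mod_auth_openidc uses this value to protect its session and state cookies. It should come from the environment like the client secret two lines below, e.g. `OIDCCryptoPassphrase ${OIDC_CRYPTO_PASSPHRASE}` (variable name constructed here), set to a long random value at deploy time; the current value should be treated as exposed. `OIDCRedirectURI http://${SERVER_NAME}/oidc_redirect_uri` also uses plain HTTP, so the authorization response and session cookie travel unencrypted unless TLS is terminated in front of this container; `https://` is the safer default.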