github.com/minio/console@v1.3.0/DEVELOPMENT.md (about) 1 # Developing MinIO Console 2 3 The MinIO Console requires the [MinIO Server](https://github.com/minio/minio). For development purposes, you also need 4 to run both the MinIO Console web app and the MinIO Console server. 5 6 ## Running MinIO Console server 7 8 Build the server in the main folder by running: 9 10 ``` 11 make 12 ``` 13 14 > Note: If it's the first time running the server, you might need to run `go mod tidy` to ensure you have all modules 15 > required. 16 > To start the server run: 17 18 ``` 19 CONSOLE_ACCESS_KEY=<your-access-key> 20 CONSOLE_SECRET_KEY=<your-secret-key> 21 CONSOLE_MINIO_SERVER=<minio-server-endpoint> 22 CONSOLE_DEV_MODE=on 23 ./console server 24 ``` 25 26 ## Running MinIO Console web app 27 28 Refer to `/web-app` [instructions](/web-app/README.md) to run the web app locally. 29 30 # Building with MinIO 31 32 To test console in its shipping format, you need to build it from the MinIO repository, the following step will guide 33 you to do that. 34 35 ### 0. Building with UI Changes 36 37 If you are performing changes in the UI components of console and want to test inside the MinIO binary, you need to 38 build assets first. 39 40 In the console folder run 41 42 ```shell 43 make assets 44 ``` 45 46 This will regenerate all the static assets that will be served by MinIO. 47 48 ### 1. Clone the `MinIO` repository 49 50 In the parent folder of where you cloned this `console` repository, clone the MinIO Repository 51 52 ```shell 53 git clone https://github.com/minio/minio.git 54 ``` 55 56 ### 2. Update `go.mod` to use your local version 57 58 In the MinIO repository open `go.mod` and after the first `require()` directive add a `replace()` directive 59 60 ``` 61 ... 62 ) 63 64 replace ( 65 github.com/minio/console => "../console" 66 ) 67 68 require ( 69 ... 70 ``` 71 72 ### 3. Build `MinIO` 73 74 Still in the MinIO folder, run 75 76 ```shell 77 make build 78 ``` 79 80 # Testing on Kubernetes 81 82 If you want to test console on kubernetes, you can perform all the steps from `Building with MinIO`, but change `Step 3` 83 to the following: 84 85 ```shell 86 TAG=miniodev/console:dev make docker 87 ``` 88 89 This will build a docker container image that can be used to test with your local kubernetes environment. 90 91 For example, if you are using kind: 92 93 ```shell 94 kind load docker-image miniodev/console:dev 95 ``` 96 97 and then deploy any `Tenant` that uses this image 98 99 # LDAP authentication with Console 100 101 ## Setup 102 103 Run openLDAP with docker. 104 105 ``` 106 $ docker run --rm -p 389:389 -p 636:636 --name my-openldap-container --detach osixia/openldap:1.3.0 107 ``` 108 109 Run the `billy.ldif` file using `ldapadd` command to create a new user and assign it to a group. 110 111 ``` 112 $ docker cp console/docs/ldap/billy.ldif my-openldap-container:/container/service/slapd/assets/test/billy.ldif 113 $ docker exec my-openldap-container ldapadd -x -D "cn=admin,dc=example,dc=org" -w admin -f /container/service/slapd/assets/test/billy.ldif -H ldap://localhost 114 ``` 115 116 Query the ldap server to check the user billy was created correctly and got assigned to the consoleAdmin group, you 117 should get a list 118 containing ldap users and groups. 119 120 ``` 121 $ docker exec my-openldap-container ldapsearch -x -H ldap://localhost -b dc=example,dc=org -D "cn=admin,dc=example,dc=org" -w admin 122 ``` 123 124 Query the ldap server again, this time filtering only for the user `billy`, you should see only 1 record. 125 126 ``` 127 $ docker exec my-openldap-container ldapsearch -x -H ldap://localhost -b uid=billy,dc=example,dc=org -D "cn=admin,dc=example,dc=org" -w admin 128 ``` 129 130 ### Change the password for user billy 131 132 Set the new password for `billy` to `minio123` and enter `admin` as the default `LDAP Password` 133 134 ``` 135 $ docker exec -it my-openldap-container /bin/bash 136 # ldappasswd -H ldap://localhost -x -D "cn=admin,dc=example,dc=org" -W -S "uid=billy,dc=example,dc=org" 137 New password: 138 Re-enter new password: 139 Enter LDAP Password: 140 ``` 141 142 ### Add the consoleAdmin policy to user billy on MinIO 143 144 ``` 145 $ cat > consoleAdmin.json << EOF 146 { 147 "Version": "2012-10-17", 148 "Statement": [ 149 { 150 "Action": [ 151 "admin:*" 152 ], 153 "Effect": "Allow", 154 "Sid": "" 155 }, 156 { 157 "Action": [ 158 "s3:*" 159 ], 160 "Effect": "Allow", 161 "Resource": [ 162 "arn:aws:s3:::*" 163 ], 164 "Sid": "" 165 } 166 ] 167 } 168 EOF 169 $ mc admin policy create myminio consoleAdmin consoleAdmin.json 170 $ mc admin policy attach myminio consoleAdmin --user="uid=billy,dc=example,dc=org" 171 ``` 172 173 ## Run MinIO 174 175 ``` 176 export MINIO_ACCESS_KEY=minio 177 export MINIO_SECRET_KEY=minio123 178 export MINIO_IDENTITY_LDAP_SERVER_ADDR='localhost:389' 179 export MINIO_IDENTITY_LDAP_USERNAME_FORMAT='uid=%s,dc=example,dc=org' 180 export MINIO_IDENTITY_LDAP_USERNAME_SEARCH_FILTER='(|(objectclass=posixAccount)(uid=%s))' 181 export MINIO_IDENTITY_LDAP_TLS_SKIP_VERIFY=on 182 export MINIO_IDENTITY_LDAP_SERVER_INSECURE=on 183 ./minio server ~/Data 184 ``` 185 186 ## Run Console 187 188 ``` 189 export CONSOLE_LDAP_ENABLED=on 190 ./console server 191 ```