hzhang
8f8d6d5465
- useAuthConfig fetches public /auth/config; LoginPage hides the password form when oidc_only and shows an SSO button when enabled. - /oidc/callback route applies the returned JWT (sign-in) or shows the link result; oidc_error surfaced on LoginPage. - UsersPage: hides password fields in OIDC-only mode; admin OIDC bind/unbind UI per user. Sidebar self-service "Link OIDC account" (non-OIDC_ONLY). - Dockerfile ARG/ENV HARBORFORGE_OIDC_ONLY. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
22 lines
737 B
Docker
22 lines
737 B
Docker
# Build stage
|
|
FROM node:20-alpine AS build
|
|
WORKDIR /app
|
|
COPY package.json package-lock.json* ./
|
|
RUN npm install
|
|
COPY . .
|
|
RUN npm run build
|
|
|
|
# Runtime stage
|
|
FROM node:20-alpine
|
|
RUN npm install -g serve@14
|
|
WORKDIR /app
|
|
COPY --from=build /app ./
|
|
ENV FRONTEND_DEV_MODE=0
|
|
# OIDC-only mode flag. The SPA's effective behavior is driven at runtime by
|
|
# the backend's public GET /auth/config (single source of truth); this
|
|
# build/runtime arg is declared so the frontend image carries the same knob.
|
|
ARG HARBORFORGE_OIDC_ONLY=false
|
|
ENV HARBORFORGE_OIDC_ONLY=${HARBORFORGE_OIDC_ONLY}
|
|
EXPOSE 3000
|
|
CMD ["sh", "-c", "if [ \"$FRONTEND_DEV_MODE\" = \"1\" ]; then npm run dev -- --host 0.0.0.0 --port 3000 --strictPort; else serve -s dist -l 3000; fi"]
|