Subscription activation and registry service account configuration us…

…ing available REST APIs (#35)

The initial implementation for Red Hat subscription activation and container image registry access configuration.

Signed-off-by: Denis Golovin <[email protected]>
Co-authored-by: Valentin Rothberg <[email protected]>
Co-authored-by: Florent BENOIT <[email protected]>

Containerfile

@@ -18,9 +18,9 @@
 FROM scratch
 
 LABEL org.opencontainers.image.title="Red Hat Account" \
-        org.opencontainers.image.description="Allows the ability in Podman Desktop to login to Red Hat SSO" \
-        org.opencontainers.image.vendor="Red Hat" \
-        io.podman-desktop.api.version=">= 0.14.1"
+  org.opencontainers.image.description="Allows the ability in Podman Desktop to login to Red Hat SSO" \
+  org.opencontainers.image.vendor="Red Hat" \
+  io.podman-desktop.api.version=">= 1.7.0"
 
 COPY package.json /extension/
 COPY LICENSE /extension/

README.md

@@ -1,39 +1,53 @@
+# Podman Desktop Red Hat SSO Extension
 
-# Red Hat Account extension
+An extension for Podman Desktop to simplify logging into and creating a Red Hat account.  The extension opens sso.redhat.com in the browser to retrieve an SSO token upon successful login.  The SSO token is then used to log into the [registry.redhat.io](https://catalog.redhat.com/) Container Registry and to register the Linux virtual machine powering Podman Desktop via subscription-manager to grant the containers access to protected Red Hat content such as RHEL repositories.
 
-This extension plugs into Podman Desktop an authentication provider that allows login to Red Hat SSO
+# Installation
 
-# Run and build
+The extension is currently available in an Alpha version but ready to test.  Extension for Podman Desktop are shipped as OCI container images.  Please refer to the [Podman Desktop documentation](https://podman-desktop.io/docs/extensions/install) for installation instructions and to [Quay.io](https://quay.io/repository/redhat-developer/podman-desktop-redhat-account-ext?tab=tags) for available tags.
 
+The first available Alpha image is `quay.io/redhat-developer/podman-desktop-redhat-account-ext:0.0.1-alpha.1`.
 
+Starting with Podman 5.0, subscription-manager will be shipped by default.  For prior versions, the extension will take care of installing subscription-manager which may take a short while and requires a reboot.
 
-To rebuild podman-desktop and OpenShift Local extension run:
+# Usage
 
-```shell
-  yarn build
-```
+Once installed, you can find the extension in the Settings menu which you can find in the bottom left corner of Podman Desktop:
+![image](https://raw.githubusercontent.com/redhat-developer/podman-desktop-redhat-account-ext/v0.0.2-alpha.1/screenshots/settings.png)
 
-To execute this extension into Podman Desktop, uses one of these commands:
+To sign into your Red Hat account, open the Authentication menu and click on the drop-down button:
+![image](https://raw.githubusercontent.com/redhat-developer/podman-desktop-redhat-account-ext/v0.0.2-alpha.1/screenshots/authentication-menu.png)
 
-```shell
-  podman-desktop --extension-folder this_folder
-```
-
-if using the released bits from Podman Desktop
+To sign into your Red Had account, Podman Desktop will open Red Hat SSO in your browser of choice.  The SSO form will make sure that each user has accepted the terms and conditions, and has a valid Red Hat [developers subscription](https://developers.redhat.com/about?source=sso). If needed, you may also create a new Red Hat account and further use social login via an existing Google, Microsoft or GitHub account:
+![image](https://raw.githubusercontent.com/redhat-developer/podman-desktop-redhat-account-ext/v0.0.2-alpha.1/screenshots/sso.png)
 
-or 
+Once signed in, there is nothing further to be done. Podman Desktop will automatically use the SSO token to log into the Red Hat container registry and to register the Linux virtual machine (i.e., podman machine) via subscription-manager. The two tasks are listed in the Tasks menu which you can open on the bottom right of Podman Desktop:
+![image](https://raw.githubusercontent.com/redhat-developer/podman-desktop-redhat-account-ext/v0.0.2-alpha.1/screenshots/tasks.png)
 
-```shell
-  yarn watch --extension-folder this_folder
-```
+To verify that the sign-in process was successful, you may build the following Dockerfile:
+```Dockerfile
+FROM registry.redhat.io/rhel9/toolbox
+RUN  dnf install -y kernel
+````
 
-from the Podman Desktop source folder if using the develpment version from Podman Desktop
+Pulling the container image `registry.redhat.io/rhel9/toolbox` requires having logged into the Red Hat container registry.  Installing the `kernel` package requires access to protected content.
 
-# Nightly build installation
+# Local Development
 
-use `ghcr.io/redhat-developer/podman-desktop-redhat-account-ext:latest` on Settings/Extension page using 'Install a new extension from OCI Image' form (see screenshot below).
+To rebuild Podman Desktop and the extension run:
 
+```shell
+  yarn build
+```
 
+To execute the extension in Podman Desktop, use one of the following to options.
 
-![image](https://user-images.githubusercontent.com/620330/232674528-9d07e38d-618c-4d69-a01a-309033b7b3f0.png)
+With a pre-installed version of Podman Desktop:
+```shell
+podman-desktop --extension-folder this_folder
+```
 
+In a local git tree of Podman Desktop:
+```shell
+yarn watch --extension-folder this_folder
+```

package.json

@@ -2,7 +2,7 @@
   "name": "redhat-authentication",
   "displayName": "Red Hat Authentication",
   "description": "Login to Red Hat Developers",
-  "version": "0.0.1",
+  "version": "0.0.2-next",
   "icon": "icon.png",
   "publisher": "redhat",
   "license": "Apache-2.0",
@@ -13,8 +13,8 @@
   "contributes": {
     "commands": [
       {
-        "command": "redhat.auth.login",
-        "title": "Red Hat Authentication: login"
+        "command": "redhat.authentication.signin",
+        "title": "Red Hat SSO Provider: Sign In"
       }
     ]
   },
@@ -25,7 +25,10 @@
   },
   "dependencies": {
     "@podman-desktop/api": "^1.6.4",
+    "@redhat-developer/rhcra-client": "^0.0.1",
+    "@redhat-developer/rhsm-client": "^0.0.4  ",
     "@types/node": "^18.15.11",
+    "axios": "^1.6.5",
     "js-yaml": "^4.1.0",
     "openid-client": "5.4.0"
   },
@@ -41,8 +44,8 @@
     "rollup": "^3.20.4",
     "tslib": "^2.5.0",
     "typescript": "^5.0.4",
-    "vite": "^5.0.11",
-    "vitest": "^1.1.1",
+    "vite": "^5.0.12",
+    "vitest": "^1.2.0",
     "zip-local": "^0.3.5"
   }
 }

src/configuration.ts

@@ -36,7 +36,7 @@ const REDHAT_AUTH_URL = process.env.REDHAT_SSO_URL
   ? process.env.REDHAT_SSO_URL
   : 'https://sso.redhat.com/auth/realms/redhat-external/';
 const KAS_API_URL = process.env.KAS_API_URL ? process.env.KAS_API_URL : 'https://api.openshift.com';
-const CLIENT_ID = process.env.CLIENT_ID ? process.env.CLIENT_ID : 'vscode-redhat-account';
+const CLIENT_ID = process.env.CLIENT_ID ? process.env.CLIENT_ID : 'podman-desktop';
 
 console.log('REDHAT_AUTH_URL: ' + REDHAT_AUTH_URL);
 console.log('KAS_API_URL: ' + KAS_API_URL);