Feature/update deployment #61
Conversation
…upport starter-kit-htsget
…pdate to latest sda stack, use ghcr.io repo for sda download image, update config example to the now expected c4gh formating
| auth: | ||
| container_name: auth | ||
| image: ghcr.io/neicnordic/sensitive-data-archive:v0.2.23-auth | ||
| image: ghcr.io/neicnordic/sensitive-data-archive:v3.0.14-auth |
There was a problem hiding this comment.
| image: ghcr.io/neicnordic/sensitive-data-archive:v3.0.14-auth | |
| image: ghcr.io/neicnordic/sensitive-data-archive:v3.0.14 |
Auth doesn't have a separate image anymore.
There was a problem hiding this comment.
Updated to use ghcr.io/neicnordic/sensitive-data-archive:v3.0.14 with command: sda-auth, is there any env vars that we need to populate as well?
README.md
Outdated
| | database | PostgreSQL database, [SDA-DB](https://github.com/neicnordic/sensitive-data-archive/tree/main/postgresql). | | ||
| | storage | S3 object store, demo uses Minio S3. | | ||
| | auth | OpenID Connect relaying party and authentication service, [SDA-auth](https://github.com/neicnordic/sensitive-data-archive/tree/main/sda-auth). | | ||
| | s3inbox | Proxy inbox to the S3 backend store, [SDA-S3Inbox](https://github.com/neicnordic/sensitive-data-archive/tree/main/sda). | |
There was a problem hiding this comment.
| | s3inbox | Proxy inbox to the S3 backend store, [SDA-S3Inbox](https://github.com/neicnordic/sensitive-data-archive/tree/main/sda). | | |
| | s3inbox | Proxy inbox to the S3 backend store, [SDA-S3Inbox](https://github.com/neicnordic/sensitive-data-archive/tree/main/sda/cmd/s3inbox/s3inbox.md). | |
Maybe this should be included in the SDA below.
There was a problem hiding this comment.
Hmm yeah makes sense, given its part of the cmd/sda, but its not mentioned in the cmd/sda/sda.md atm, and would make sense to include auth there as well if its been moved there
README.md
Outdated
|
|
||
| ## Authentication for users with LS-AAI (mock or alive) | ||
|
|
||
| To interact with SDA services, users need to provide [JSON Web Token](https://jwt.io/) (JWT) authorization. Ultimately, tokens can be fetched by [LS-AAI](https://lifescience-ri.eu/ls-login/) upon user login to an OpenID Connect (OIDC) relaying party (RP) service that is [registered with LS-AAI](https://spreg-legacy.aai.elixir-czech.org/). An example of such an RP service is the [sda-auth](https://github.com/neicnordic/sda-auth), which is included in the present stack. |
There was a problem hiding this comment.
I think this link https://spreg-legacy.aai.elixir-czech.org/ is outdated. Maybe https://services.aai.lifescience-ri.eu/spreg/ is the correct one. Is that correct @jbygdell ?
Also the link to sda-auth should be changed to https://github.com/neicnordic/sensitive-data-archive/tree/main/sda/cmd/auth
There was a problem hiding this comment.
Yes, all mentions of elixir-czech should be converted to the new ones from lifescience-ri.eu.
That means the URLs needs to be verified since they are not just a hostname change.
|
|
||
| ### The sda-cli tool | ||
|
|
||
| Instead of the tools above, users are **encouraged** to use [`sda-cli`](https://github.com/NBISweden/sda-cli), which is a tool specifically developed to perform all common SDA user-related tasks in a convenient and unified manner. It is recommended to use precompiled executables for `sda-cli` which can be found at [https://github.com/NBISweden/sda-cli/releases](https://github.com/NBISweden/sda-cli/releases) |
There was a problem hiding this comment.
We probably need to specify a version of sda-cli to use.
README.md
Outdated
| From the root of the `starter-kit-storage-and-interfaces` folder and run: | ||
| ### Downloading data | ||
|
|
||
| Users can directly download data from the SDA via `sda-download`, for more details see the service's [api reference](https://github.com/neicnordic/sda-download/blob/main/docs/API.md). In short, given a [valid JW token](#sda-auth), `$token`, a user can download the file with file ID, `$fileID` by issuing the following command: |
There was a problem hiding this comment.
| Users can directly download data from the SDA via `sda-download`, for more details see the service's [api reference](https://github.com/neicnordic/sda-download/blob/main/docs/API.md). In short, given a [valid JW token](#sda-auth), `$token`, a user can download the file with file ID, `$fileID` by issuing the following command: | |
| Users can directly download data from the SDA via `sda-download`, for more details see the service's [api reference](https://github.com/neicnordic/sensitive-data-archive/blob/main/sda-download/api/api.md). In short, given a [valid JW token](#sda-auth), `$token`, a user can download the file with file ID, `$fileID` by issuing the following command: |
Also, the documentation for sda-download is outdated. I created this issue neicnordic/sensitive-data-archive#1996 to address it.
There was a problem hiding this comment.
Updated link, and for now the text to mention we only support delivering files encrypted with a key provided by the client
README.md
Outdated
| ### Download a specific file | ||
| #### Download a specific encrypted file | ||
|
|
||
| The `sda-download` service offers multiple methods for downloading files through the API, with options for both encrypted and unencrypted results. Below, you will find an example illustrating each of these methods. |
There was a problem hiding this comment.
We need to discuss if downloading unencrypted data should be supported.
KarlG-nbis
force-pushed
the
feature/update_deployment
branch
2 times, most recently
from
fa63db9 to
a12a41b
Compare
…nds examples, remove unecessary header
KarlG-nbis
force-pushed
the
feature/update_deployment
branch
from
a12a41b to
4e41124
Compare
Update the images and configuration for the
sda-pipelineservice to the latestMerge the quickstart.md and README.md into one README.md to contain the relevant information to get started.