Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Problems with Rstudio Auth #4

Open
jmienko opened this issue Dec 3, 2021 · 0 comments
Open

Problems with Rstudio Auth #4

jmienko opened this issue Dec 3, 2021 · 0 comments

Comments

@jmienko
Copy link

jmienko commented Dec 3, 2021
edited
Loading

So, I am able to complete the full code pipeline that you have laid out. Thank you!

As of the time of this writing, the shiny service is running fine as expected here: https://shiny.dev.builddev.stfimpact.org/

The Rstudio service is running, but accessing is problematic.

Question: How can I fix my configuration to ensure that I can log in directly from the https://container1.rstudio.dev.builddev.stfimpact.org/ URL, without the need for the workaround described below?

If you go to the generated URL (https://container1.rstudio.dev.builddev.stfimpact.org/), you can see that the service hangs.

image

I can successfully go to the auth-sign-in endpoint (https://container1.rstudio.dev.builddev.stfimpact.org/auth-sign-in) as shown below. However, as you can also see, I am getting a repeated "mixed content" error in the console.

image

When I try to login from the auth-sign-in endpoint, page hangs on a 302 returned from the auth-do-sign-in endpoint. As can be seen, it is trying to send me to http://container1.rstudio.dev.builddev.stfimpact.org/ instead of https://container1.rstudio.dev.builddev.stfimpact.org/.

image

If I (from the hanging browser tab) just change the URL to https, I can get into the Rstudio service, but this is obviously not desirable.

image

A possible solution might be to fix it directly on the EC2 instance with a solution similar to what's described in this tutorial, but I'd prefer to have a clean solution all within CodePipeline if possible.

My obfuscated cdk.json is pasted below.

{
  "app": "python3 app.py",
  "context": {
    "instance": "dev",
    "rstudio_account_id": "MY ID",
    "rstudio_pipeline_account_id": "MY ID",
    "network_account_id": "MY ID",
    "datalake_account_id": "MY ID",
    "datalake_aws_region": "us-east-1",
    "code_repo_name": "stfimpact",
    "r53_base_domain": "stfimpact.org",
    "rstudio_install_type": "ec2",
    "rstudio_ec2_instance_type": "t3.xlarge",
    "rstudio_container_memory_in_gb": "4",
    "number_of_rstudio_containers": "4", 
    "vpc_cidr_range": "10.5.0.0/16",
    "allowed_ips": "",
    "sns_email_id": "jmienko@standtogether.org",
    "datalake_source_bucket_name": "datalake-source",
    "@aws-cdk/core:enableStackNameDuplicates": "true",
    "aws-cdk:enableDiffNoFail": "true",
    "@aws-cdk/core:stackRelativeExports": "true",
    "@aws-cdk/aws-ecr-assets:dockerIgnoreSupport": true,
    "@aws-cdk/aws-secretsmanager:parseOwnedSecretName": true,
    "@aws-cdk/aws-kms:defaultKeyPolicies": true,
    "@aws-cdk/core:newStyleStackSynthesis": "true"
  }
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@jmienko