update auth & doc

docs/install_on_gcp.md

@@ -15,7 +15,8 @@ First, make sure you've enabled the API services using gcloud:
 gcloud services enable \
   cloudapis.googleapis.com \
   container.googleapis.com \
-  containerregistry.googleapis.com
+  containerregistry.googleapis.com \
+  cloudbuild.googleapis.com
 ```
 
 Then override some of the defaults settings to your configuration.
@@ -38,31 +39,32 @@ sh scripts/setup_gcp.sh
 kubectl get pods --all-namespaces
 ```
 
-## Enable HTTPS
-
-You must have a real domain name (not xip.io auto-domain) to enable HTTPS.
-
-The helper script enables HTTPS using [CloudDNS](#), [Let's Encrypt](#) and [cert-manager](#). Adapt the ClusterIssuer manifest if you are using a different DNS.
-
-```bash
-export KUDA_DOMAIN="example.com"
-export KUDA_NAMESPACE="default"
-export KUDA_LETSENCRYPT_EMAIL="[email protected]"
-sh scripts/gcp_enable_https.sh
-```
-
 ## Authentication
 
 Install the authentication service, by following the instruction in
-[/images/deployer](/images/auth).
+[/install/auth](/install/auth/README.md).
 
 Then install Istio's authentication policy:
 
 ```
 sh scripts/setup_auth_policy.sh
 ```
 
-## Deployer
+## API
 
-Install the remote deployer service, by following the instructions in
-[/images/deployer](/images/deployer).
+Install the remote deployer API, by following the instructions in
+[/install/api](/install/api).
+
+## Enable HTTPS
+
+You must have a real domain name (not xip.io auto-domain) to enable HTTPS.
+
+The helper script enables HTTPS using [CloudDNS](#), [Let's Encrypt](#) and [cert-manager](#).
+Adapt the ClusterIssuer manifest if you are using a different DNS.
+
+```bash
+export KUDA_DOMAIN="example.com"
+export KUDA_NAMESPACE="default"
+export KUDA_LETSENCRYPT_EMAIL="[email protected]"
+sh scripts/gcp_enable_https.sh
+```

install/auth/.gitignore

@@ -1 +1,2 @@
-service.yaml
+service.yaml
+*.bak.yaml

install/auth/README.md

@@ -1,24 +1,34 @@
 The authentication service serves a simple static page that lets user
-authenticate using [firebase auth](https://firebase.google.com/docs/auth).
+authenticate using [Cloud Identity Platform / Firebase Auth](https://console.cloud.google.com/marketplace/details/google-cloud-platform/customer-identity).
+
+## Setup
+
+First enable the [Cloud Identity Platform](https://console.cloud.google.com/marketplace/details/google-cloud-platform/customer-identity) on your project and configure at least one provider.
+
+Add your domain to the list of authorized domain with the prefix `auth.kuda`.
+For example:`auth.kuda.12.34.56.78.xip.io`.
+
+If you're using the Google Auth Provider, you also have to configure the Oauth content screen.
+
+Then click on "Application setup details" to find out values of the following variables.
+ToS (Terms of Service) and PP (Privacy policy) urls can be left blank.
 
 ```bash
-export KUDA_AUTH_API_KEY="your auth API key"
+export KUDA_AUTH_API_KEY="your Firebase Auth API key"
 export KUDA_AUTH_DOMAIN="your auth domain"
 export KUDA_AUTH_TOS_URL="your terms and service url"
 export KUDA_AUTH_PP_URL="your privacy policy url"
 ```
 
-## Build
+## Build and run locally (optional)
 
 ```bash
 docker build \
-  -t gcr.io/kuda-cloud/auth \
+  -t gcr.io/kuda-project/auth \
   -f install/auth/Dockerfile \
   .
 ```
 
-## Run
-
 ```bash
 docker run --rm \
   -e KUDA_AUTH_API_KEY=$KUDA_AUTH_API_KEY \
@@ -27,10 +37,10 @@ docker run --rm \
   -e KUDA_AUTH_PP_URL=$KUDA_AUTH_PP_URL \
   -e PORT=80 \
   -p 8080:80 \
-  gcr.io/kuda-cloud/auth
+  gcr.io/kuda-project/auth
 ```
 
-## Deploy
+## Deply
 
 ```bash
 KUDA_AUTH_TOS_URL=$(echo $KUDA_AUTH_TOS_URL | sed 's/\//\\\//g')
@@ -43,6 +53,20 @@ sed -i'.bak' "s/value: <your-pp-url>/value: $KUDA_AUTH_PP_URL/g" service.yaml
 rm service.yaml.bak
 ```
 
+### Dev with Skaffold
+
+To dev:
+```
+skaffold dev -f install/auth/skaffold.yaml
+```
+
+To run:
 ```bash
-skaffold run
+skaffold run -f install/auth/skaffold.yaml
 ```
+
+### Deploy with kubectl
+
+```bash
+kubectl apply -f install/auth/service.yaml
+```

install/auth/skaffold.yaml

@@ -4,8 +4,10 @@ build:
   artifacts:
   - image: gcr.io/kuda-project/auth
     docker:
-      dockerfile: ./Dockerfile
+      dockerfile: install/auth/Dockerfile
+  googleCloudBuild:
+    projectId: kuda-project
 deploy:
   kubectl:
     manifests:
-      - service.yaml
+      - install/auth/service.yaml