Add token encryption and origin for GCP address.

tupui · tupui · commit 54057236d1c6 · 2023-10-23T15:34:32.000+02:00
[skip ci]
diff --git a/CITATION.cff b/CITATION.cff
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
@@ -183,8 +183,9 @@ The dashboard can be run locally using:
 If you want to test OAuth, you need to export the following env variables:
 
     export PANEL_OAUTH_REDIRECT_URI=http://localhost:5006/app
-    export PANEL_OAUTH_KEY=[VALUE IN GCP]
-    export PANEL_OAUTH_SECRET=[VALUE IN GCP]
+    export PANEL_OAUTH_KEY=[VALUE IN GCP Secret Manager]
+    export PANEL_OAUTH_SECRET=[VALUE IN GCP Secret Manager]
+    export PANEL_OAUTH_ENCRYPTION=[VALUE IN GCP Secret Manager]
 
 Use the CLI tool `direnv` for convenience. Then you can serve with
 OAuth support:
diff --git a/Dockerfile b/Dockerfile
@@ -42,6 +42,7 @@ CMD ["panel", "serve", "panel/app.py", \
      "--num-procs", "2", \
      "--allow-websocket-origin", "simdec.io", \
      "--allow-websocket-origin", "www.simdec.io", \
+     "--allow-websocket-origin", "https://simdec-panel-h6musew72q-lz.a.run.app", \
      "--cookie-secret", "panel_cookie_secret_oauth", \
      "--logout-template", "panel/logout.html", \
      "--oauth-provider", "google", \
diff --git a/Makefile b/Makefile
@@ -120,6 +120,7 @@ production: publish-production
 	                  --set-secrets=PANEL_OAUTH_REDIRECT_URI=PANEL_OAUTH_REDIRECT_URI:latest \
 	                  --set-secrets=PANEL_OAUTH_KEY=PANEL_OAUTH_KEY:latest \
 	                  --set-secrets=PANEL_OAUTH_SECRET=PANEL_OAUTH_SECRET:latest \
+	                  --set-secrets=PANEL_OAUTH_ENCRYPTION=PANEL_OAUTH_ENCRYPTION:latest \
 	                  --allow-unauthenticated \
 	                  --session-affinity \
 	                  --timeout=60m \
