Skip to content

Commit

Permalink
fix: add SSR hybrid backend configuration option for kubernetes deplo…
Browse files Browse the repository at this point in the history 
…yments (#1320)

* extend Hybrid Approach documentation with Intershop 11 and PWA Helm chart recommended deployment way
  • Loading branch information
@jometzner @shauke
jometzner authored and shauke committed Nov 28, 2022
1 parent 811706f commit 3e293fa
Show file tree
Hide file tree
Showing 3 changed files with 50 additions and 29 deletions.
23 changes: 19 additions & 4 deletions docs/concepts/hybrid-approach.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,15 @@ A possible scenario would be to have the shopping experience with all its SEO op

## Requirements

The best way to deploy a Hybrid Approach installation is with the Intershop provided [PWA Helm chart](https://github.com/intershop/helm-charts/tree/main/charts/pwa) (0.4.0 and above).
How to configure the PWA Helm chart for the PWA and the ICM is explained in the according [Hybrid mode](https://github.com/intershop/helm-charts/tree/main/charts/pwa#hybrid-mode) paragraph.
The version requirements for the involved systems are the following.

- Intershop 11
- PWA 3.2.0

The functional requirements for the Hybrid Approach to work are already available with the following versions of ICM and PWA but this way they cannot be deployed together with a combined Helm chart.

- ICM 7.10.32.16-LTS or 7.10.38.6-LTS
- PWA 2.3.0

Expand All @@ -39,7 +48,7 @@ See [Concept - Integration of Progressive Web App and inSPIRED Storefront](https

If you also want to support the correct handling for links generated in e-mails, the property `intershop.WebServerSecureURL` must point to nginx.

_\$SERVER/share/system/config/cluster/appserver.properties_:
_configuration via \$SERVER/share/system/config/cluster/appserver.properties_:

```properties
SecureAccessOnly=true
Expand All @@ -48,14 +57,20 @@ intershop.apitoken.cookie.sslmode=true
intershop.WebServerSecureURL=https://<nginx>
```

_configuration via `icm_as` Helm chart_

```yaml
INTERSHOP_APITOKEN_COOKIE_ENABLED: true
INTERSHOP_APITOKEN_COOKIE_SSLMODE: true
INTERSHOP_WEBSERVERSECUREURL: https://<icm-web>
```
### Intershop Progressive Web App
The server-side rendering process must be started with `SSR_HYBRID=1`.

In addition, the PWA must be run with secure URLs as well.
See [SSR Startup](../guides/ssr-startup.md#running-with-https)) for reference how you can achieve that locally.

> :warning: **Don't use this option for production environments**, above means to switch on hybrid mode and https are only to ease local development.
See [SSR Startup - Development](../guides/ssr-startup.md#development) for reference how you can achieve that locally.

> :warning: **Only for development environments**: It might be necessary to set `TRUST_ICM=1` if the used development ICM is deployed with an insecure certificate.

Expand Down
48 changes: 24 additions & 24 deletions docs/guides/ssr-startup.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -44,30 +44,30 @@ If the format is _switch_, the property is switched on by supplying `on`, `1`, `
All parameters are **case sensitive**.
Make sure to use them as written in the table below.

| | parameter | format | comment |
| ------------------- | ------------------------------------------- | -------------------- | -------------------------------------------------------------------------------------------- |
| **SSR Specific** | PORT | number | Port for running the application |
| | SSL | any | Enables SSL/TLS |
| | CONCURRENCY_SSR | number \| max | concurrency for SSR instances per theme (default: 2) |
| | CACHE_ICM_CALLS | recommended \| JSON | enable caching for ICM calls, see [Local ICM Cache](#local-icm-cache) (default: disabled) |
| **General** | ICM_BASE_URL | string | Sets the base URL for the ICM |
| | ICM_CHANNEL | string | Overrides the default channel |
| | ICM_APPLICATION | string | Overrides the default application |
| | FEATURES | comma-separated list | Overrides active features |
| | THEME | string | Overrides the default theme |
| | MULTI_SITE_LOCALE_MAP | JSON \| false | Used to map locales to [url modification parameters](../guides/multi-site-configurations.md) |
| | DEPLOY_URL | string | Set a [Deploy URL][concept-deploy-url] (default `/`) |
| **Debug** :warning: | TRUST_ICM | any | Use this if ICM is deployed with an insecure certificate |
| | LOGGING | switch | Enables extra log output |
| | SOURCE_MAPS | switch | Exposes source maps if activated |
| **Hybrid Approach** | SSR_HYBRID | any | Enables running PWA and ICM in [Hybrid Mode][concept-hybrid] |
| | PROXY_ICM | any \| URL | Proxy ICM via `/INTERSHOP` (enabled if SSR_HYBRID is active) |
| **Third party** | GTM_TOKEN | string | Token for Google Tag Manager |
| | GMA_KEY | string | API key for Google Maps |
| | SENTRY_DSN | string | Sentry DSN URL for using Sentry Error Monitor |
| | PROMETHEUS | switch | Exposes Prometheus metrics |
| | IDENTITY_PROVIDER ~~ICM_IDENTITY_PROVIDER~~ | string | ID of Identity Provider for [SSO][concept-sso] |
| | IDENTITY_PROVIDERS | JSON | Configuration of Identity Providers for [SSO][concept-sso] |
| | parameter | format | comment |
| ------------------- | ------------------------------------------- | -------------------- | ----------------------------------------------------------------------------------------------- |
| **SSR Specific** | PORT | number | Port for running the application |
| | CONCURRENCY_SSR | number \| max | concurrency for SSR instances per theme (default: 2) |
| | CACHE_ICM_CALLS | recommended \| JSON | enable caching for ICM calls, see [Local ICM Cache](#local-icm-cache) (default: disabled) |
| **General** | ICM_BASE_URL | string | Sets the base URL for the ICM |
| | ICM_CHANNEL | string | Overrides the default channel |
| | ICM_APPLICATION | string | Overrides the default application |
| | FEATURES | comma-separated list | Overrides active features |
| | THEME | string | Overrides the default theme |
| | MULTI_SITE_LOCALE_MAP | JSON \| false | Used to map locales to [url modification parameters](../guides/multi-site-configurations.md) |
| | DEPLOY_URL | string | Set a [Deploy URL][concept-deploy-url] (default `/`) |
| **Debug** :warning: | TRUST_ICM | any | Use this if ICM is deployed with an insecure certificate |
| | LOGGING | switch | Enables extra log output |
| | SOURCE_MAPS | switch | Exposes source maps if activated |
| **Hybrid Approach** | SSR_HYBRID | any | Enables running PWA and ICM in [Hybrid Mode][concept-hybrid] |
| | SSR_HYBRID_BACKEND | URL | When running in K8S this contains the ICM WA service URL. For none K8S you can use ICM_BASE_URL |
| | PROXY_ICM | any \| URL | Proxy ICM via `/INTERSHOP` (enabled if SSR_HYBRID is active) |
| **Third party** | GTM_TOKEN | string | Token for Google Tag Manager |
| | GMA_KEY | string | API key for Google Maps |
| | SENTRY_DSN | string | Sentry DSN URL for using Sentry Error Monitor |
| | PROMETHEUS | switch | Exposes Prometheus metrics |
| | IDENTITY_PROVIDER ~~ICM_IDENTITY_PROVIDER~~ | string | ID of Identity Provider for [SSO][concept-sso] |
| | IDENTITY_PROVIDERS | JSON | Configuration of Identity Providers for [SSO][concept-sso] |

## Development

Expand Down
8 changes: 7 additions & 1 deletion server.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -71,6 +71,8 @@ export function app() {

const ICM_BASE_URL = process.env.ICM_BASE_URL || environment.icmBaseURL;

const SSR_HYBRID_BACKEND = process.env.SSR_HYBRID_BACKEND || ICM_BASE_URL;

if (!ICM_BASE_URL) {
console.error('ICM_BASE_URL not set');
process.exit(1);
Expand Down Expand Up @@ -256,7 +258,7 @@ export function app() {
server.use('*', hybridRedirect);
}

const icmProxy = proxy(ICM_BASE_URL, {
const icmProxy = proxy(SSR_HYBRID_BACKEND, {
// preserve original path
proxyReqPathResolver: (req: express.Request) => req.originalUrl,
// eslint-disable-next-line @typescript-eslint/no-explicit-any
Expand All @@ -265,6 +267,10 @@ export function app() {
// https://github.com/villadora/express-http-proxy#q-how-to-ignore-self-signed-certificates-
options.rejectUnauthorized = false;
}
if (process.env.SSR_HYBRID) {
// Force context proto to be https otherwise ICM WA is redirecting us to https
options.headers['X-Forwarded-Proto'] = 'https';
}
return options;
},
// fool ICM so it thinks it's running here
Expand Down

0 comments on commit 3e293fa

Please sign in to comment.