Do not start auth-bearer service by default

The auth-bearer service is currently not needed by ocis. Reva tookens
for oidc authenticated clients are currently minted via the auth-machine
service.  This commit does not completely remove the service as we shoud
consider to rework the proxy's oidc middleware to use the auth-bearer
service in the future (see #4701)

Fixes: #4692

deployments/examples/oc10_ocis_parallel/docker-compose.yml

@@ -111,7 +111,7 @@ services:
       OCIS_STORAGE_READ_ONLY: "false" # TODO: conflict with OWNCLOUDSQL -> https://github.com/owncloud/ocis/issues/2303
       # General oCIS config
       # OCIS_RUN_SERVICES specifies to start all fullstack services except idm and idp. These are replaced by external services
-      OCIS_RUN_SERVICES: app-registry,app-provider,auth-basic,auth-bearer,auth-machine,frontend,gateway,graph,graph-explorer,groups,nats,notifications,ocdav,ocs,proxy,search,settings,sharing,storage-system,storage-publiclink,storage-shares,storage-users,store,thumbnails,users,web,webdav
+      OCIS_RUN_SERVICES: app-registry,app-provider,auth-basic,auth-machine,frontend,gateway,graph,graph-explorer,groups,nats,notifications,ocdav,ocs,proxy,search,settings,sharing,storage-system,storage-publiclink,storage-shares,storage-users,store,thumbnails,users,web,webdav
       OCIS_LOG_LEVEL: ${OCIS_LOG_LEVEL:-error} # make oCIS less verbose
       OCIS_LOG_COLOR: "${OCIS_LOG_COLOR:-false}"
       OCIS_URL: https://${CLOUD_DOMAIN:-cloud.owncloud.test}

deployments/examples/oc10_ocis_parallel/monitoring_tracing/docker-compose-additions.yml

@@ -18,7 +18,6 @@ services:
       PROXY_DEBUG_ADDR: 0.0.0.0:9205
       SETTINGS_DEBUG_ADDR: 0.0.0.0:9194
       STORAGE_AUTH_BASIC_DEBUG_ADDR: 0.0.0.0:9147
-      STORAGE_AUTH_BEARER_DEBUG_ADDR: 0.0.0.0:9149
       STORAGE_AUTH_MACHINE_DEBUG_ADDR: 0.0.0.0:9167
       STORAGE_FRONTEND_DEBUG_ADDR: 0.0.0.0:9141
       STORAGE_GATEWAY_DEBUG_ADDR: 0.0.0.0:9143

deployments/examples/ocis_hello/monitoring_tracing/docker-compose-additions.yml

@@ -18,7 +18,6 @@ services:
       PROXY_DEBUG_ADDR: 0.0.0.0:9205
       SETTINGS_DEBUG_ADDR: 0.0.0.0:9194
       STORAGE_AUTH_BASIC_DEBUG_ADDR: 0.0.0.0:9147
-      STORAGE_AUTH_BEARER_DEBUG_ADDR: 0.0.0.0:9149
       STORAGE_AUTH_MACHINE_DEBUG_ADDR: 0.0.0.0:9167
       STORAGE_FRONTEND_DEBUG_ADDR: 0.0.0.0:9141
       STORAGE_GATEWAY_DEBUG_ADDR: 0.0.0.0:9143

deployments/examples/ocis_individual_services/docker-compose.yml

@@ -625,31 +625,6 @@ services:
       driver: "local"
     restart: always
 
-  auth-bearer:
-    image: owncloud/ocis:${OCIS_DOCKER_TAG:-latest}
-    deploy:
-      replicas: ${OCIS_SCALE:-1}
-    networks:
-      ocis-net:
-    entrypoint:
-      - ocis
-      - auth-bearer
-      - server
-    environment:
-      AUTH_BEARER_LOG_LEVEL: "${OCIS_LOG_LEVEL:-error}"
-      AUTH_BEARER_LOG_COLOR: "${OCIS_LOG_COLOR:-false}"
-      AUTH_BEARER_LOG_PRETTY: "${OCIS_LOG_PRETTY:-false}"
-
-      AUTH_BEARER_GRPC_ADDR: 0.0.0.0:9148
-
-      AUTH_BEARER_JWT_SECRET: ${OCIS_JWT_SECRET}
-      REVA_GATEWAY: gateway:9142
-      AUTH_BEARER_OIDC_ISSUER: https://${OCIS_DOMAIN}
-
-    logging:
-      driver: "local"
-    restart: always
-
   storage-shares:
     image: owncloud/ocis:${OCIS_DOCKER_TAG:-latest}
     deploy:
@@ -873,8 +848,6 @@ services:
       GATEWAY_USERS_ENDPOINT: users:9144
       GATEWAY_GROUPS_ENDPOINT: groups:9160
       GATEWAY_AUTH_BASIC_ENDPOINT: auth-basic:9146
-      GATEWAY_AUTH_BEARER_ENDPOINT: auth-bearer:9148
-      GATEWAY_AUTH_MACHINE_ENDPOINT: auth-machine:9166
       GATEWAY_PERMISSIONS_ENDPOINT: settings:9191
       GATEWAY_SHARING_ENDPOINT: sharing:9150
       GATEWAY_STORAGE_PUBLIC_LINK_ENDPOINT: storage-publiclink:9178

deployments/examples/ocis_individual_services/monitoring_tracing/docker-compose-additions.yml

@@ -115,14 +115,6 @@ services:
       OCIS_TRACING_ENDPOINT: jaeger-agent:6831
       # metrics
       STORAGE_AUTH_MACHINE_DEBUG_ADDR: 0.0.0.0:9167
-  storage-authbearer:
-    environment:
-      # tracing
-      OCIS_TRACING_ENABLED: "true"
-      OCIS_TRACING_TYPE: jaeger
-      OCIS_TRACING_ENDPOINT: jaeger-agent:6831
-      # metrics
-      STORAGE_AUTH_BEARER_DEBUG_ADDR: 0.0.0.0:9149
   storage-shares:
     environment:
       # tracing

deployments/examples/ocis_keycloak/monitoring_tracing/docker-compose-additions.yml

@@ -18,7 +18,6 @@ services:
       PROXY_DEBUG_ADDR: 0.0.0.0:9205
       SETTINGS_DEBUG_ADDR: 0.0.0.0:9194
       STORAGE_AUTH_BASIC_DEBUG_ADDR: 0.0.0.0:9147
-      STORAGE_AUTH_BEARER_DEBUG_ADDR: 0.0.0.0:9149
       STORAGE_AUTH_MACHINE_DEBUG_ADDR: 0.0.0.0:9167
       STORAGE_FRONTEND_DEBUG_ADDR: 0.0.0.0:9141
       STORAGE_GATEWAY_DEBUG_ADDR: 0.0.0.0:9143

deployments/examples/ocis_ldap/docker-compose.yml

@@ -74,7 +74,7 @@ services:
       IDP_LDAP_UUID_ATTRIBUTE_TYPE: binary
       GRAPH_LDAP_SERVER_WRITE_ENABLED: "false" # assuming the external ldap is readonly
       # OCIS_RUN_SERVICES specifies to start all services except glauth, idm and accounts. These are replaced by external services
-      OCIS_RUN_SERVICES: app-registry,app-provider,audit,auth-basic,auth-bearer,auth-machine,frontend,gateway,graph,graph-explorer,groups,idp,nats,notifications,ocdav,ocs,proxy,search,settings,sharing,storage-system,storage-publiclink,storage-shares,storage-users,store,thumbnails,users,web,webdav
+      OCIS_RUN_SERVICES: app-registry,app-provider,audit,auth-basic,auth-machine,frontend,gateway,graph,graph-explorer,groups,idp,nats,notifications,ocdav,ocs,proxy,search,settings,sharing,storage-system,storage-publiclink,storage-shares,storage-users,store,thumbnails,users,web,webdav
       # General oCIS config
       OCIS_URL: https://${OCIS_DOMAIN:-ocis.owncloud.test}
       OCIS_LOG_LEVEL: ${OCIS_LOG_LEVEL:-error} # make oCIS less verbose

deployments/examples/ocis_ldap/monitoring_tracing/docker-compose-additions.yml

@@ -18,7 +18,6 @@ services:
       PROXY_DEBUG_ADDR: 0.0.0.0:9205
       SETTINGS_DEBUG_ADDR: 0.0.0.0:9194
       STORAGE_AUTH_BASIC_DEBUG_ADDR: 0.0.0.0:9147
-      STORAGE_AUTH_BEARER_DEBUG_ADDR: 0.0.0.0:9149
       STORAGE_AUTH_MACHINE_DEBUG_ADDR: 0.0.0.0:9167
       STORAGE_FRONTEND_DEBUG_ADDR: 0.0.0.0:9141
       STORAGE_GATEWAY_DEBUG_ADDR: 0.0.0.0:9143

deployments/examples/ocis_s3/monitoring_tracing/docker-compose-additions.yml

@@ -18,7 +18,6 @@ services:
       PROXY_DEBUG_ADDR: 0.0.0.0:9205
       SETTINGS_DEBUG_ADDR: 0.0.0.0:9194
       STORAGE_AUTH_BASIC_DEBUG_ADDR: 0.0.0.0:9147
-      STORAGE_AUTH_BEARER_DEBUG_ADDR: 0.0.0.0:9149
       STORAGE_AUTH_MACHINE_DEBUG_ADDR: 0.0.0.0:9167
       STORAGE_FRONTEND_DEBUG_ADDR: 0.0.0.0:9141
       STORAGE_GATEWAY_DEBUG_ADDR: 0.0.0.0:9143

deployments/examples/ocis_traefik/monitoring_tracing/docker-compose-additions.yml

@@ -18,7 +18,6 @@ services:
       PROXY_DEBUG_ADDR: 0.0.0.0:9205
       SETTINGS_DEBUG_ADDR: 0.0.0.0:9194
       STORAGE_AUTH_BASIC_DEBUG_ADDR: 0.0.0.0:9147
-      STORAGE_AUTH_BEARER_DEBUG_ADDR: 0.0.0.0:9149
       STORAGE_AUTH_MACHINE_DEBUG_ADDR: 0.0.0.0:9167
       STORAGE_FRONTEND_DEBUG_ADDR: 0.0.0.0:9141
       STORAGE_GATEWAY_DEBUG_ADDR: 0.0.0.0:9143

deployments/examples/ocis_wopi/monitoring_tracing/docker-compose-additions.yml

@@ -18,7 +18,6 @@ services:
       PROXY_DEBUG_ADDR: 0.0.0.0:9205
       SETTINGS_DEBUG_ADDR: 0.0.0.0:9194
       STORAGE_AUTH_BASIC_DEBUG_ADDR: 0.0.0.0:9147
-      STORAGE_AUTH_BEARER_DEBUG_ADDR: 0.0.0.0:9149
       STORAGE_AUTH_MACHINE_DEBUG_ADDR: 0.0.0.0:9167
       STORAGE_FRONTEND_DEBUG_ADDR: 0.0.0.0:9141
       STORAGE_GATEWAY_DEBUG_ADDR: 0.0.0.0:9143