Add Multi-instance Signing

- Use env variable, JWT_SECRET_KEY, if passed in
- If not passed in, use established JWT_SECRET_KEY generation
- Update README

README.md

@@ -53,6 +53,7 @@ Table of contents
             * [Roles](#roles)
             * [Make Viewer endpoints public](#make-viewer-endpoints-public)
             * [Scripts](#scripts)
+          * [Multi-instance Setup](#multi-instance-setup)
           * [Add Custom URL Prefix](#add-custom-url-prefix)
           * [Optimize Storage](#optimize-storage)
           * [Export Native Full Report](#export-native-full-report)
@@ -1197,6 +1198,9 @@ python send_results_security.py
 
 - Declarative Pipeline script for JENKINS with security enabled: [allure-docker-api-usage/send_results_security_jenkins_pipeline.groovy](allure-docker-api-usage/send_results_security_jenkins_pipeline.groovy)
 
+#### Multi-instance Setup
+`Available from Allure Docker Service version 2.18.0`
+If you wish to use a setup with multiple instances, you will need to set `JWT_SECRET_KEY` env variables. Otherwise, requests may respond with `Invalid Token - Signature verification failed`.
 
 #### Add Custom URL Prefix
 `Available from Allure Docker Service version 2.13.5`

allure-docker-api/app.py

@@ -65,7 +65,6 @@ def __str__(self):
 app = Flask(__name__) #pylint: disable=invalid-name
 
 LOGGER = create_logger(app)
-app.config['JWT_SECRET_KEY'] = os.urandom(16)
 app.config['SEND_FILE_MAX_AGE_DEFAULT'] = 0
 app.config['JWT_BLACKLIST_ENABLED'] = True
 app.config['JWT_BLACKLIST_TOKEN_CHECKS'] = ['access', 'refresh']
@@ -234,6 +233,11 @@ def __str__(self):
     except Exception as ex:
         LOGGER.error('Wrong env var value. Setting VIEWER_ENDPOINTS_PUBLIC=0 by default')
 
+if "JWT_SECRET_KEY" in os.environ:
+    app.config['JWT_SECRET_KEY'] = os.environ['JWT_SECRET_KEY']
+else:
+    app.config['JWT_SECRET_KEY'] = os.urandom(16)
+
 if "SECURITY_USER" in os.environ:
     SECURITY_USER_TMP = os.environ['SECURITY_USER']
     if SECURITY_USER_TMP and SECURITY_USER_TMP.strip():