Zoom Keyhole

Documentation Status

A simple web application that displays Zoom rooms’ participants on Miro boards.

Quick-start

Setting up Miro board widgets

Within a Miro board, a text widget needs to be created with the configured Zoom meeting name and the text: “Meeting ID:”. The meeting ID itself will be added as a clickable link when the application runs.

Google Sheets configuration

The current Google Sheets config can be found here. It contains the following tabs:

  • Users

  • Rooms

  • Boards

  • Role symbols

Users

A new user is added with their name the same as that displayed on Zoom. A Unique Partial ID can be added if their Zoom display name is an email or another ID. Their role is given as specified in the ‘Role symbols’ tab. Their team, ART, and a custom emoji can also be added.

Rooms

A room must have the same name as that given in the Miro text widget. The meeting ID must also be supplied but the URL is optional. A UTC offset can be added which will be displayed with the local time in the widget. A room can also be enabled/ disabled using the enabled checkbox.

Boards

A board is added with its name and ID, which can be found in the URL. A board can also be enabled/ disabled using the checkbox.

Role symbols

The role symbols contains the various roles and their associated symbols, which are displayed next to the users in the widget.

Required environment variables

Zoom Keyhole requires that the following environment variables are set:

  • ZOOM_KEYHOLE_MIRO_API_TOKEN: Miro API token to use. A semi-colon separated list can be used to specify more than one token. If multiple tokens are provided, Miro API calls are shared between them. Note: For kubernetes deployments this is : seperated list

  • ZOOM_KEYHOLE_ZOOM_CLIENT_ID: Client ID for the Zoom OAuth app. Needed for polling the Zoom API for room participants. Used when getting initial room list and periodically for updating participants.

  • ZOOM_KEYHOLE_ZOOM_CLIENT_SECRET: Client secret for the Zoom OAuth app. Used in combination with the Zoom Client ID and Account ID.

  • ZOOM_KEYHOLE_ZOOM_ACCOUNT_ID: Zoom Account ID. Used in combination with the Zoom Client ID and Client secret.

  • ZOOM_KEYHOLE_WEBHOOK_SECRET_TOKEN: Zoom Webhook Secret Token used in verifying the authencity of webhook payloads.

  • ZOOM_KEYHOLE_GSHEET_KEY: API Key for google sheets. Used to load google sheets configuration.

  • ZOOM_KEYHOLE_GSHEET_ID: Google sheet ID where the configuration is found.

Deployment with Kubernetes

The included chart requires the all of the sensitive environment variable values to be passed in at runtime. This can be done by providing a values.yaml file:

helm install zoom ./charts/ska-zoom-keyhole --values values.yaml

An example (redacted) file is:

---
env:
  ZOOM_KEYHOLE_MIRO_API_TOKEN: "<a token>"
  ZOOM_KEYHOLE_ZOOM_CLIENT_ID: <client id>
  ZOOM_KEYHOLE_ZOOM_CLIENT_SECRET: <secret>
  ZOOM_KEYHOLE_ZOOM_ACCOUNT_ID: <account id>
  ZOOM_KEYHOLE_WEBHOOK_SECRET_TOKEN: <secret>
  ZOOM_KEYHOLE_GSHEET_KEY: <key>
  ZOOM_KEYHOLE_GSHEET_ID: <id>

Ingress URI

The default ingress URI is /ska/zoom-keyhole (values .ingress.*), so if this were deployed in STFC TechOps the the URL would be https://k8s.stfc.skao.int/ska/zoom-keyhole (Note: in TechOps a rule is required in the reverse proxy to enable unauthenticated access to this resource).

Vault Secret Integration

The Vault secrets are maintained at: https://vault.skao.int/ui/vault/secrets/stfc/show/ska-zoom-keyhole .

These cover the key/values:

  • ZOOM_KEYHOLE_MIRO_API_TOKEN

  • ZOOM_KEYHOLE_ZOOM_CLIENT_ID

  • ZOOM_KEYHOLE_ZOOM_CLIENT_SECRET

  • ZOOM_KEYHOLE_ZOOM_ACCOUNT_ID

  • ZOOM_KEYHOLE_WEBHOOK_SECRET_TOKEN

  • ZOOM_KEYHOLE_GSHEET_KEY

  • ZOOM_KEYHOLE_GSHEET_ID

Identical to the values.yaml file settings.