mirror of
https://github.com/openziti/zrok.git
synced 2024-11-22 16:13:47 +01:00
create missing erps for ctrl and frontend identities (#131)
parent
f385d9de3b
commit
0dcd614cd5
@ -12,7 +12,9 @@ func init() {
|
||||
}
|
||||
|
||||
type adminBootstrap struct {
|
||||
cmd *cobra.Command
|
||||
cmd *cobra.Command
|
||||
skipCtrl bool
|
||||
skipFrontend bool
|
||||
}
|
||||
|
||||
func newAdminBootstrap() *adminBootstrap {
|
||||
@ -23,6 +25,8 @@ func newAdminBootstrap() *adminBootstrap {
|
||||
}
|
||||
command := &adminBootstrap{cmd: cmd}
|
||||
cmd.Run = command.run
|
||||
cmd.Flags().BoolVar(&command.skipCtrl, "skip-ctrl", false, "Skip controller (ctrl) identity bootstrapping")
|
||||
cmd.Flags().BoolVar(&command.skipFrontend, "skip-frontend", false, "Slip frontend identity bootstrapping")
|
||||
return command
|
||||
}
|
||||
|
||||
@ -33,7 +37,7 @@ func (cmd *adminBootstrap) run(_ *cobra.Command, args []string) {
|
||||
panic(err)
|
||||
}
|
||||
logrus.Infof(cf.Dump(inCfg, cf.DefaultOptions()))
|
||||
if err := controller.Bootstrap(inCfg); err != nil {
|
||||
if err := controller.Bootstrap(cmd.skipCtrl, cmd.skipFrontend, inCfg); err != nil {
|
||||
panic(err)
|
||||
}
|
||||
logrus.Info("bootstrap complete!")
|
||||
|
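Review bot: The help text registered for `--skip-frontend` reads "Slip frontend identity bootstrapping"; it should be `"Skip frontend identity bootstrapping"` so that `--help` describes the flag correctly. Each new flag switches off the identity and edge-router-policy assertions for one identity, so the struct fields deserve a comment such as `// skipCtrl disables bootstrapping of the ctrl identity and its edge router policy`. Separately, `logrus.Infof(cf.Dump(inCfg, cf.DefaultOptions()))` in `run` passes the dump as a format string; `logrus.Info(...)` would keep any `%` in the configuration from being misread. It is also worth confirming that the dump does not write credentials to the log. The body of `run` begins outside the hunk.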
@ -17,7 +17,7 @@ import (
|
||||
"time"
|
||||
)
|
||||
|
||||
func Bootstrap(inCfg *Config) error {
|
||||
func Bootstrap(skipCtrl, skipFrontend bool, inCfg *Config) error {
|
||||
cfg = inCfg
|
||||
|
||||
edge, err := edgeClient()
|
||||
@ -25,28 +25,32 @@ func Bootstrap(inCfg *Config) error {
|
||||
return err
|
||||
}
|
||||
|
||||
if ctrlZId, err := getIdentityId("ctrl"); err == nil {
|
||||
logrus.Infof("controller identity: %v", ctrlZId)
|
||||
if err := assertIdentity(ctrlZId, edge); err != nil {
|
||||
if !skipCtrl {
|
||||
if ctrlZId, err := getIdentityId("ctrl"); err == nil {
|
||||
logrus.Infof("controller identity: %v", ctrlZId)
|
||||
if err := assertIdentity(ctrlZId, edge); err != nil {
|
||||
panic(err)
|
||||
}
|
||||
if err := assertErpForIdentity("ctrl", ctrlZId, edge); err != nil {
|
||||
panic(err)
|
||||
}
|
||||
} else {
|
||||
panic(err)
|
||||
}
|
||||
if err := assertErpForIdentity("ctrl", ctrlZId, edge); err != nil {
|
||||
panic(err)
|
||||
}
|
||||
} else {
|
||||
panic(err)
|
||||
}
|
||||
|
||||
if frontendZId, err := getIdentityId("frontend"); err == nil {
|
||||
logrus.Infof("frontend identity: %v", frontendZId)
|
||||
if err := assertIdentity(frontendZId, edge); err != nil {
|
||||
if !skipFrontend {
|
||||
if frontendZId, err := getIdentityId("frontend"); err == nil {
|
||||
logrus.Infof("frontend identity: %v", frontendZId)
|
||||
if err := assertIdentity(frontendZId, edge); err != nil {
|
||||
panic(err)
|
||||
}
|
||||
if err := assertErpForIdentity("frontend", frontendZId, edge); err != nil {
|
||||
panic(err)
|
||||
}
|
||||
} else {
|
||||
panic(err)
|
||||
}
|
||||
if err := assertErpForIdentity("frontend", frontendZId, edge); err != nil {
|
||||
panic(err)
|
||||
}
|
||||
} else {
|
||||
panic(err)
|
||||
}
|
||||
|
||||
if err := assertZrokProxyConfigType(edge); err != nil {
|
||||
@ -143,7 +147,10 @@ func assertErpForIdentity(name, zId string, edge *rest_management_api_client.Zit
|
||||
return errors.Wrapf(err, "error listing edge router policies for '%v' (%v)", name, zId)
|
||||
}
|
||||
if len(listResp.Payload.Data) != 1 {
|
||||
return errors.Errorf("found %d erps for '%v' (%v)", name, zId)
|
||||
logrus.Infof("creating erp for '%v' (%v)", name, zId)
|
||||
if err := createEdgeRouterPolicy(name, zId, edge); err != nil {
|
||||
return errors.Wrapf(err, "error creating erp for '%v' (%v)", name, zId)
|
||||
}
|
||||
}
|
||||
logrus.Infof("asserted erps for '%v' (%v)", name, zId)
|
||||
return nil
|
||||
|
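Review bot: In `assertErpForIdentity` the creation branch is guarded by `len(listResp.Payload.Data) != 1`, so it also runs when more than one policy is already listed for the identity, and another policy is requested instead of the duplicate state being reported. Creating only on an empty list keeps the bootstrap idempotent: use `if len(listResp.Payload.Data) == 0 {` for the create branch and add `if len(listResp.Payload.Data) > 1 { return errors.Errorf("found %d erps for '%v' (%v)", len(listResp.Payload.Data), name, zId) }`. The function starts outside the hunk, so the list filter is not visible here. In `Bootstrap`, the new `!skipCtrl` and `!skipFrontend` branches still call `panic(err)` although the function returns `error`; returning the error would leave the decision to the caller.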
@ -288,14 +288,14 @@ func deleteService(envZId, svcZId string, edge *rest_management_api_client.ZitiE
|
||||
return nil
|
||||
}
|
||||
|
||||
func createEdgeRouterPolicy(zId string, edge *rest_management_api_client.ZitiEdgeManagement) error {
|
||||
func createEdgeRouterPolicy(name, zId string, edge *rest_management_api_client.ZitiEdgeManagement) error {
|
||||
edgeRouterRoles := []string{"#all"}
|
||||
identityRoles := []string{fmt.Sprintf("@%v", zId)}
|
||||
semantic := rest_model_edge.SemanticAllOf
|
||||
erp := &rest_model_edge.EdgeRouterPolicyCreate{
|
||||
EdgeRouterRoles: edgeRouterRoles,
|
||||
IdentityRoles: identityRoles,
|
||||
Name: &zId,
|
||||
Name: &name,
|
||||
Semantic: &semantic,
|
||||
Tags: zrokTags(),
|
||||
}
|
||||
|
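Review bot: `createEdgeRouterPolicy` now takes two adjacent `string` parameters, `name` and `zId`, with no doc comment saying which one becomes the policy name and which one is referenced in `IdentityRoles`, so a swapped call would still compile. A comment such as `// createEdgeRouterPolicy creates an edge router policy called name that gives identity zId access to all edge routers (#all).` would state both the contract and the breadth of the grant. The bootstrap path passes fixed names (`"ctrl"`, `"frontend"`); if the controller requires policy names to be unique, a leftover policy with the same name would presumably make the create call fail, which is worth stating in the comment. The function body continues outside the hunk.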
@ -35,12 +35,13 @@ func (h *enableHandler) Handle(params environment.EnableParams, principal *rest_
|
||||
logrus.Error(err)
|
||||
return environment.NewEnableInternalServerError()
|
||||
}
|
||||
cfg, err := enrollIdentity(ident.Payload.Data.ID, client)
|
||||
envZId := ident.Payload.Data.ID
|
||||
cfg, err := enrollIdentity(envZId, client)
|
||||
if err != nil {
|
||||
logrus.Error(err)
|
||||
return environment.NewEnableInternalServerError()
|
||||
}
|
||||
if err := createEdgeRouterPolicy(ident.Payload.Data.ID, client); err != nil {
|
||||
if err := createEdgeRouterPolicy(envZId, envZId, client); err != nil {
|
||||
logrus.Error(err)
|
||||
return environment.NewEnableInternalServerError()
|
||||
}
|
||||
@ -48,7 +49,7 @@ func (h *enableHandler) Handle(params environment.EnableParams, principal *rest_
|
||||
Description: params.Body.Description,
|
||||
Host: params.Body.Host,
|
||||
Address: realRemoteAddress(params.HTTPRequest),
|
||||
ZId: ident.Payload.Data.ID,
|
||||
ZId: envZId,
|
||||
}, tx)
|
||||
if err != nil {
|
||||
logrus.Errorf("error storing created identity: %v", err)
|
||||
@ -62,7 +63,7 @@ func (h *enableHandler) Handle(params environment.EnableParams, principal *rest_
|
||||
logrus.Infof("created environment for '%v', with ziti identity '%v', and database id '%v'", principal.Email, ident.Payload.Data.ID, envId)
|
||||
|
||||
resp := environment.NewEnableCreated().WithPayload(&rest_model_zrok.EnableResponse{
|
||||
Identity: ident.Payload.Data.ID,
|
||||
Identity: envZId,
|
||||
})
|
||||
|
||||
var out bytes.Buffer
|
||||
|
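Review bot: The `logrus.Infof("created environment for '%v', ...")` line still reads `ident.Payload.Data.ID`, although the commit introduces `envZId` for that value and uses it elsewhere in `Handle`; pass `envZId` there too so the handler has a single source for the identity id. The call `createEdgeRouterPolicy(envZId, envZId, client)` passes the same value as policy name and identity id, which deserves a short comment such as `// environment policies are named after the identity's ziti id`. When that call fails, the handler returns an internal server error after `enrollIdentity` has already succeeded, and no cleanup of the created identity is visible in the hunk. The function extends beyond the hunk, so this may be handled elsewhere.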