create missing erps for ctrl and frontend identities (#131)

Michael Quigley 2022-12-05 15:00:22 -05:00
parent f385d9de3b
commit 0dcd614cd5
No known key found for this signature in database
GPG Key ID: 9B60314A9DD20A62
4 changed files with 38 additions and 26 deletions


@ -13,6 +13,8 @@ func init() {
type adminBootstrap struct { type adminBootstrap struct {
cmd *cobra.Command cmd *cobra.Command
skipCtrl bool
skipFrontend bool
} }
func newAdminBootstrap() *adminBootstrap { func newAdminBootstrap() *adminBootstrap {
@ -23,6 +25,8 @@ func newAdminBootstrap() *adminBootstrap {
} }
command := &adminBootstrap{cmd: cmd} command := &adminBootstrap{cmd: cmd}
cmd.Run = command.run cmd.Run = command.run
cmd.Flags().BoolVar(&command.skipCtrl, "skip-ctrl", false, "Skip controller (ctrl) identity bootstrapping")
cmd.Flags().BoolVar(&command.skipFrontend, "skip-frontend", false, "Slip frontend identity bootstrapping")
return command return command
} }
@ -33,7 +37,7 @@ func (cmd *adminBootstrap) run(_ *cobra.Command, args []string) {
panic(err) panic(err)
} }
logrus.Infof(cf.Dump(inCfg, cf.DefaultOptions())) logrus.Infof(cf.Dump(inCfg, cf.DefaultOptions()))
if err := controller.Bootstrap(inCfg); err != nil { if err := controller.Bootstrap(cmd.skipCtrl, cmd.skipFrontend, inCfg); err != nil {
panic(err) panic(err)
} }
logrus.Info("bootstrap complete!") logrus.Info("bootstrap complete!")
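Review bot: The help text registered for the new `skip-frontend` flag in newAdminBootstrap is misspelled as "Slip frontend identity bootstrapping"; it should read `"Skip frontend identity bootstrapping"`, parallel to the `skip-ctrl` text on the line before it. Because either flag makes Bootstrap leave that identity unchecked, the final `bootstrap complete!` message would be more honest if run also logged what was skipped, for example `logrus.Warnf("identity bootstrap skipped: ctrl=%v, frontend=%v", cmd.skipCtrl, cmd.skipFrontend)`. The body of run starts outside the hunk.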


@ -17,7 +17,7 @@ import (
"time" "time"
) )
func Bootstrap(inCfg *Config) error { func Bootstrap(skipCtrl, skipFrontend bool, inCfg *Config) error {
cfg = inCfg cfg = inCfg
edge, err := edgeClient() edge, err := edgeClient()
@ -25,6 +25,7 @@ func Bootstrap(inCfg *Config) error {
return err return err
} }
if !skipCtrl {
if ctrlZId, err := getIdentityId("ctrl"); err == nil { if ctrlZId, err := getIdentityId("ctrl"); err == nil {
logrus.Infof("controller identity: %v", ctrlZId) logrus.Infof("controller identity: %v", ctrlZId)
if err := assertIdentity(ctrlZId, edge); err != nil { if err := assertIdentity(ctrlZId, edge); err != nil {
@ -36,7 +37,9 @@ func Bootstrap(inCfg *Config) error {
} else { } else {
panic(err) panic(err)
} }
}
if !skipFrontend {
if frontendZId, err := getIdentityId("frontend"); err == nil { if frontendZId, err := getIdentityId("frontend"); err == nil {
logrus.Infof("frontend identity: %v", frontendZId) logrus.Infof("frontend identity: %v", frontendZId)
if err := assertIdentity(frontendZId, edge); err != nil { if err := assertIdentity(frontendZId, edge); err != nil {
@ -48,6 +51,7 @@ func Bootstrap(inCfg *Config) error {
} else { } else {
panic(err) panic(err)
} }
}
if err := assertZrokProxyConfigType(edge); err != nil { if err := assertZrokProxyConfigType(edge); err != nil {
return err return err
@ -143,7 +147,10 @@ func assertErpForIdentity(name, zId string, edge *rest_management_api_client.Zit
return errors.Wrapf(err, "error listing edge router policies for '%v' (%v)", name, zId) return errors.Wrapf(err, "error listing edge router policies for '%v' (%v)", name, zId)
} }
if len(listResp.Payload.Data) != 1 { if len(listResp.Payload.Data) != 1 {
return errors.Errorf("found %d erps for '%v' (%v)", name, zId) logrus.Infof("creating erp for '%v' (%v)", name, zId)
if err := createEdgeRouterPolicy(name, zId, edge); err != nil {
return errors.Wrapf(err, "error creating erp for '%v' (%v)", name, zId)
}
} }
logrus.Infof("asserted erps for '%v' (%v)", name, zId) logrus.Infof("asserted erps for '%v' (%v)", name, zId)
return nil return nil
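Review bot: In assertErpForIdentity the guard `len(listResp.Payload.Data) != 1` now leads to createEdgeRouterPolicy for every count other than one, so an identity that already has two or more matching policies gets yet another one instead of an error. Creating should be limited to the empty case, `if len(listResp.Payload.Data) == 0 {`, and the unexpected case should still fail, e.g. `if n := len(listResp.Payload.Data); n > 1 { return errors.Errorf("found %d erps for '%v' (%v)", n, name, zId) }`. Note that the removed Errorf passed three verbs but only two arguments, so restoring it needs the count as the first argument. The function starts outside the hunk, so the list filter that decides what counts as a match is not visible here.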


@ -288,14 +288,14 @@ func deleteService(envZId, svcZId string, edge *rest_management_api_client.ZitiE
return nil return nil
} }
func createEdgeRouterPolicy(zId string, edge *rest_management_api_client.ZitiEdgeManagement) error { func createEdgeRouterPolicy(name, zId string, edge *rest_management_api_client.ZitiEdgeManagement) error {
edgeRouterRoles := []string{"#all"} edgeRouterRoles := []string{"#all"}
identityRoles := []string{fmt.Sprintf("@%v", zId)} identityRoles := []string{fmt.Sprintf("@%v", zId)}
semantic := rest_model_edge.SemanticAllOf semantic := rest_model_edge.SemanticAllOf
erp := &rest_model_edge.EdgeRouterPolicyCreate{ erp := &rest_model_edge.EdgeRouterPolicyCreate{
EdgeRouterRoles: edgeRouterRoles, EdgeRouterRoles: edgeRouterRoles,
IdentityRoles: identityRoles, IdentityRoles: identityRoles,
Name: &zId, Name: &name,
Semantic: &semantic, Semantic: &semantic,
Tags: zrokTags(), Tags: zrokTags(),
} }
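Review bot: createEdgeRouterPolicy now takes two adjacent string parameters, `name, zId`, with different roles and no doc comment, which makes them easy to swap at a call site without the compiler noticing. A comment such as `// createEdgeRouterPolicy creates an edge router policy called name that binds identity zId (as "@zId") to all edge routers ("#all").` would make the contract explicit. It may also be worth stating there whether name must be unique, since the bootstrap callers pass fixed names rather than the identity id; that constraint is not visible in this hunk. The function body continues past the hunk.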


@ -35,12 +35,13 @@ func (h *enableHandler) Handle(params environment.EnableParams, principal *rest_
logrus.Error(err) logrus.Error(err)
return environment.NewEnableInternalServerError() return environment.NewEnableInternalServerError()
} }
cfg, err := enrollIdentity(ident.Payload.Data.ID, client) envZId := ident.Payload.Data.ID
cfg, err := enrollIdentity(envZId, client)
if err != nil { if err != nil {
logrus.Error(err) logrus.Error(err)
return environment.NewEnableInternalServerError() return environment.NewEnableInternalServerError()
} }
if err := createEdgeRouterPolicy(ident.Payload.Data.ID, client); err != nil { if err := createEdgeRouterPolicy(envZId, envZId, client); err != nil {
logrus.Error(err) logrus.Error(err)
return environment.NewEnableInternalServerError() return environment.NewEnableInternalServerError()
} }
@ -48,7 +49,7 @@ func (h *enableHandler) Handle(params environment.EnableParams, principal *rest_
Description: params.Body.Description, Description: params.Body.Description,
Host: params.Body.Host, Host: params.Body.Host,
Address: realRemoteAddress(params.HTTPRequest), Address: realRemoteAddress(params.HTTPRequest),
ZId: ident.Payload.Data.ID, ZId: envZId,
}, tx) }, tx)
if err != nil { if err != nil {
logrus.Errorf("error storing created identity: %v", err) logrus.Errorf("error storing created identity: %v", err)
@ -62,7 +63,7 @@ func (h *enableHandler) Handle(params environment.EnableParams, principal *rest_
logrus.Infof("created environment for '%v', with ziti identity '%v', and database id '%v'", principal.Email, ident.Payload.Data.ID, envId) logrus.Infof("created environment for '%v', with ziti identity '%v', and database id '%v'", principal.Email, ident.Payload.Data.ID, envId)
resp := environment.NewEnableCreated().WithPayload(&rest_model_zrok.EnableResponse{ resp := environment.NewEnableCreated().WithPayload(&rest_model_zrok.EnableResponse{
Identity: ident.Payload.Data.ID, Identity: envZId,
}) })
var out bytes.Buffer var out bytes.Buffer
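Review bot: When `createEdgeRouterPolicy(envZId, envZId, client)` fails, Handle returns the internal server error straight after `enrollIdentity` has succeeded, and the visible lines do no cleanup, so an enrolled identity with no policy and no stored environment record appears to be left behind. If nothing outside the hunk removes it, delete the identity on that path, or at least record it with `logrus.Errorf("identity '%v' left without edge router policy: %v", envZId, err)` so it can be found and revoked. As a smaller point, the `created environment` log line still reads `ident.Payload.Data.ID` where the rest of the function now uses `envZId`. Handle starts and ends outside these hunks.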