more access private elaboration (#106, #109)

This commit is contained in:
Michael Quigley 2022-11-23 12:39:42 -05:00
parent 09c603845c
commit 213a6d7407
No known key found for this signature in database
GPG Key ID: 9B60314A9DD20A62
4 changed files with 69 additions and 15 deletions

View File

@ -1,8 +1,18 @@
package main package main
import ( import (
"github.com/go-openapi/runtime"
httptransport "github.com/go-openapi/runtime/client"
"github.com/openziti-test-kitchen/zrok/endpoints/private_frontend"
"github.com/openziti-test-kitchen/zrok/rest_client_zrok"
"github.com/openziti-test-kitchen/zrok/rest_client_zrok/service"
"github.com/openziti-test-kitchen/zrok/rest_model_zrok"
"github.com/openziti-test-kitchen/zrok/zrokdir" "github.com/openziti-test-kitchen/zrok/zrokdir"
"github.com/sirupsen/logrus"
"github.com/spf13/cobra" "github.com/spf13/cobra"
"os"
"os/signal"
"syscall"
) )
type accessPrivateCommand struct { type accessPrivateCommand struct {
@ -21,6 +31,8 @@ func newAccessPrivateCommand() *accessPrivateCommand {
} }
func (cmd *accessPrivateCommand) run(_ *cobra.Command, args []string) { func (cmd *accessPrivateCommand) run(_ *cobra.Command, args []string) {
svcName := args[0]
env, err := zrokdir.LoadEnvironment() env, err := zrokdir.LoadEnvironment()
if err != nil { if err != nil {
if !panicInstead { if !panicInstead {
@ -28,16 +40,6 @@ func (cmd *accessPrivateCommand) run(_ *cobra.Command, args []string) {
} }
panic(err) panic(err)
} }
zif, err := zrokdir.ZitiIdentityFile("backend")
if err != nil {
if !panicInstead {
showError("unable to load ziti identity configuration", err)
}
panic(err)
}
if zif == "" {
panic("never")
}
zrok, err := zrokdir.ZrokClient(env.ApiEndpoint) zrok, err := zrokdir.ZrokClient(env.ApiEndpoint)
if err != nil { if err != nil {
if !panicInstead { if !panicInstead {
@ -45,7 +47,55 @@ func (cmd *accessPrivateCommand) run(_ *cobra.Command, args []string) {
} }
panic(err) panic(err)
} }
if zrok == nil {
panic("never") auth := httptransport.APIKeyAuth("X-TOKEN", "header", env.Token)
req := service.NewAccessParams()
req.Body = &rest_model_zrok.AccessRequest{
SvcName: svcName,
ZID: env.ZId,
}
_, err = zrok.Service.Access(req, auth)
if err != nil {
if !panicInstead {
showError("unable to access", err)
}
panic(err)
}
cfg := private_frontend.DefaultConfig("backend")
c := make(chan os.Signal)
signal.Notify(c, os.Interrupt, syscall.SIGTERM)
go func() {
<-c
cmd.destroy(env.ZId, svcName, zrok, auth)
os.Exit(0)
}()
frontend, err := private_frontend.NewHTTP(cfg)
if err != nil {
if !panicInstead {
showError("unable to create private frontend", err)
}
panic(err)
}
if err := frontend.Run(); err != nil {
if !panicInstead {
showError("unable to run frontend", err)
}
}
}
func (cmd *accessPrivateCommand) destroy(envZId, svcName string, zrok *rest_client_zrok.Zrok, auth runtime.ClientAuthInfoWriter) {
logrus.Debugf("shutting down '%v'", svcName)
req := service.NewUnaccessParams()
req.Body = &rest_model_zrok.UnaccessRequest{
SvcName: svcName,
ZID: envZId,
}
if _, err := zrok.Service.Unaccess(req, auth); err == nil {
logrus.Debugf("shutdown complete")
} else {
logrus.Errorf("error shutting down: %v", err)
} }
} }

View File

@ -39,14 +39,14 @@ func (self *httpFrontendCommand) run(_ *cobra.Command, args []string) {
} }
} }
logrus.Infof(cf.Dump(cfg, cf.DefaultOptions())) logrus.Infof(cf.Dump(cfg, cf.DefaultOptions()))
httpListener, err := public_frontend.NewHTTP(cfg) frontend, err := public_frontend.NewHTTP(cfg)
if err != nil { if err != nil {
if !panicInstead { if !panicInstead {
showError("unable to create http frontend", err) showError("unable to create http frontend", err)
} }
panic(err) panic(err)
} }
if err := httpListener.Run(); err != nil { if err := frontend.Run(); err != nil {
if !panicInstead { if !panicInstead {
showError("unable to run http frontend", err) showError("unable to run http frontend", err)
} }

View File

@ -106,7 +106,7 @@ func (cmd *sharePrivateCommand) run(_ *cobra.Command, args []string) {
if err != nil { if err != nil {
ui.Close() ui.Close()
if !panicInstead { if !panicInstead {
showError("unable to create tunnel", err) showError("unable to create share", err)
} }
panic(err) panic(err)
} }

View File

@ -54,6 +54,10 @@ func NewHTTP(cfg *Config) (*httpFrontend, error) {
}, nil }, nil
} }
func (h *httpFrontend) Run() error {
return http.ListenAndServe(h.cfg.Address, h.handler)
}
type zitiDialContext struct { type zitiDialContext struct {
ctx ziti.Context ctx ziti.Context
svcName string svcName string