ziti edge client in sdk package (#128)

2025-06-19 17:27:54 +02:00 · 2023-03-07 14:31:39 -05:00 · 2023-03-07 14:31:39 -05:00 · 3a0c06f54d
commit 3a0c06f54d
parent df4c52aae5
15 changed files with 62 additions and 33 deletions
--- a/controller/access.go
+++ b/controller/access.go
@ -66,7 +66,7 @@ func (h *accessHandler) Handle(params share.AccessParams, principal *rest_model_
 		return share.NewAccessInternalServerError()
 	}

-	edge, err := edgeClient()
+	edge, err := zrokEdgeSdk.Client(cfg.Ziti)
 	if err != nil {
 		logrus.Error(err)
 		return share.NewAccessInternalServerError()
--- a/controller/bootstrap.go
+++ b/controller/bootstrap.go
@ -32,7 +32,7 @@ func Bootstrap(skipCtrl, skipFrontend bool, inCfg *Config) error {
 	}

 	logrus.Info("connecting to the ziti edge management api")
-	edge, err := edgeClient()
+	edge, err := zrokEdgeSdk.Client(cfg.Ziti)
 	if err != nil {
 		return errors.Wrap(err, "error connecting to the ziti edge management api")
 	}
--- a/controller/config.go
+++ b/controller/config.go
@ -1,6 +1,7 @@
 package controller

 import (
+	"github.com/openziti/zrok/controller/zrokEdgeSdk"
 	"time"

 	"github.com/michaelquigley/cf"
@ -21,7 +22,7 @@ type Config struct {
 	Registration  *RegistrationConfig
 	ResetPassword *ResetPasswordConfig
 	Store         *store.Config
-	Ziti          *ZitiConfig
+	Ziti          *zrokEdgeSdk.ZitiConfig
 }

 type AdminConfig struct {
@ -51,12 +52,6 @@ type ResetPasswordConfig struct {
 	ResetUrlTemplate string
 }

-type ZitiConfig struct {
-	ApiEndpoint string
-	Username    string
-	Password    string `cf:"+secret"`
-}
-
 type InfluxConfig struct {
 	Url    string
 	Bucket string
--- a/controller/createFrontend.go
+++ b/controller/createFrontend.go
@ -25,7 +25,7 @@ func (h *createFrontendHandler) Handle(params admin.CreateFrontendParams, princi
 		return admin.NewCreateFrontendUnauthorized()
 	}

-	client, err := edgeClient()
+	client, err := zrokEdgeSdk.Client(cfg.Ziti)
 	if err != nil {
 		logrus.Errorf("error getting edge client: %v", err)
 		return admin.NewCreateFrontendInternalServerError()
--- a/controller/createIdentity.go
+++ b/controller/createIdentity.go
@ -25,7 +25,7 @@ func (h *createIdentityHandler) Handle(params admin.CreateIdentityParams, princi
 		return admin.NewCreateIdentityUnauthorized()
 	}

-	edge, err := edgeClient()
+	edge, err := zrokEdgeSdk.Client(cfg.Ziti)
 	if err != nil {
 		logrus.Errorf("error getting edge client: %v", err)
 		return admin.NewCreateIdentityInternalServerError()
--- a/controller/disable.go
+++ b/controller/disable.go
@ -36,7 +36,7 @@ func (h *disableHandler) Handle(params environment.DisableParams, principal *res
 		logrus.Errorf("error getting environment for user '%v': %v", principal.Email, err)
 		return environment.NewDisableInternalServerError()
 	}
-	edge, err := edgeClient()
+	edge, err := zrokEdgeSdk.Client(cfg.Ziti)
 	if err != nil {
 		logrus.Errorf("error getting edge client for user '%v': %v", principal.Email, err)
 		return environment.NewDisableInternalServerError()
--- a/controller/enable.go
+++ b/controller/enable.go
@ -35,7 +35,7 @@ func (h *enableHandler) Handle(params environment.EnableParams, principal *rest_
 		return environment.NewEnableUnauthorized()
 	}

-	client, err := edgeClient()
+	client, err := zrokEdgeSdk.Client(cfg.Ziti)
 	if err != nil {
 		logrus.Errorf("error getting edge client for user '%v': %v", principal.Email, err)
 		return environment.NewEnableInternalServerError()
--- a/controller/gc.go
+++ b/controller/gc.go
@ -28,7 +28,7 @@ func GC(inCfg *Config) error {
 			logrus.Errorf("error closing store: %v", err)
 		}
 	}()
-	edge, err := edgeClient()
+	edge, err := zrokEdgeSdk.Client(cfg.Ziti)
 	if err != nil {
 		return err
 	}
--- a/controller/share.go
+++ b/controller/share.go
@ -4,6 +4,7 @@ import (
 	"github.com/go-openapi/runtime/middleware"
 	"github.com/jmoiron/sqlx"
 	"github.com/openziti/zrok/controller/store"
+	"github.com/openziti/zrok/controller/zrokEdgeSdk"
 	"github.com/openziti/zrok/rest_model_zrok"
 	"github.com/openziti/zrok/rest_server_zrok/operations/share"
 	"github.com/pkg/errors"
@ -55,7 +56,7 @@ func (h *shareHandler) Handle(params share.ShareParams, principal *rest_model_zr
 		return share.NewShareUnauthorized()
 	}

-	edge, err := edgeClient()
+	edge, err := zrokEdgeSdk.Client(cfg.Ziti)
 	if err != nil {
 		logrus.Error(err)
 		return share.NewShareInternalServerError()
--- a/controller/startup.go
+++ b/controller/startup.go
@ -5,6 +5,7 @@ import (
 	"fmt"
 	"github.com/openziti/edge/rest_management_api_client"
 	"github.com/openziti/edge/rest_management_api_client/config"
+	"github.com/openziti/zrok/controller/zrokEdgeSdk"
 	"github.com/openziti/zrok/model"
 	"github.com/pkg/errors"
 	"github.com/sirupsen/logrus"
@ -23,7 +24,7 @@ func controllerStartup() error {
 func inspectZiti() error {
 	logrus.Infof("inspecting ziti controller configuration")

-	edge, err := edgeClient()
+	edge, err := zrokEdgeSdk.Client(cfg.Ziti)
 	if err != nil {
 		return errors.Wrap(err, "error getting ziti edge client")
 	}
--- a/controller/unaccess.go
+++ b/controller/unaccess.go
@ -29,7 +29,7 @@ func (h *unaccessHandler) Handle(params share.UnaccessParams, principal *rest_mo
 	}
 	defer func() { _ = tx.Rollback() }()

-	edge, err := edgeClient()
+	edge, err := zrokEdgeSdk.Client(cfg.Ziti)
 	if err != nil {
 		logrus.Error(err)
 		return share.NewUnaccessInternalServerError()
--- a/controller/unshare.go
+++ b/controller/unshare.go
@ -29,7 +29,7 @@ func (h *unshareHandler) Handle(params share.UnshareParams, principal *rest_mode
 	}
 	defer func() { _ = tx.Rollback() }()

-	edge, err := edgeClient()
+	edge, err := zrokEdgeSdk.Client(cfg.Ziti)
 	if err != nil {
 		logrus.Errorf("error getting edge client for '%v': %v", principal.Email, err)
 		return share.NewUnshareInternalServerError()
--- a/controller/util.go
+++ b/controller/util.go
@ -1,11 +1,8 @@
 package controller

 import (
-	"crypto/x509"
 	errors2 "github.com/go-openapi/errors"
 	"github.com/jaevor/go-nanoid"
-	"github.com/openziti/edge/rest_management_api_client"
-	"github.com/openziti/edge/rest_util"
 	"github.com/openziti/zrok/rest_model_zrok"
 	"github.com/sirupsen/logrus"
 	"net/http"
@ -56,18 +53,6 @@ func (za *zrokAuthenticator) authenticate(token string) (*rest_model_zrok.Princi
 	}
 }

-func edgeClient() (*rest_management_api_client.ZitiEdgeManagement, error) {
-	caCerts, err := rest_util.GetControllerWellKnownCas(cfg.Ziti.ApiEndpoint)
-	if err != nil {
-		return nil, err
-	}
-	caPool := x509.NewCertPool()
-	for _, ca := range caCerts {
-		caPool.AddCert(ca)
-	}
-	return rest_util.NewEdgeManagementClientWithUpdb(cfg.Ziti.Username, cfg.Ziti.Password, cfg.Ziti.ApiEndpoint, caPool)
-}
-
 func createShareToken() (string, error) {
 	gen, err := nanoid.CustomASCII("abcdefghijklmnopqrstuvwxyz0123456789", 12)
 	if err != nil {
--- a/controller/zrokEdgeSdk/client.go
+++ b/controller/zrokEdgeSdk/client.go
@ -0,0 +1,25 @@
+package zrokEdgeSdk
+
+import (
+	"crypto/x509"
+	"github.com/openziti/edge/rest_management_api_client"
+	"github.com/openziti/edge/rest_util"
+)
+
+type ZitiConfig struct {
+	ApiEndpoint string
+	Username    string
+	Password    string `cf:"+secret"`
+}
+
+func Client(cfg *ZitiConfig) (*rest_management_api_client.ZitiEdgeManagement, error) {
+	caCerts, err := rest_util.GetControllerWellKnownCas(cfg.ApiEndpoint)
+	if err != nil {
+		return nil, err
+	}
+	caPool := x509.NewCertPool()
+	for _, ca := range caCerts {
+		caPool.AddCert(ca)
+	}
+	return rest_util.NewEdgeManagementClientWithUpdb(cfg.Username, cfg.Password, cfg.ApiEndpoint, caPool)
+}
--- a/controller/zrokEdgeSdk/service.go
+++ b/controller/zrokEdgeSdk/service.go
@ -2,6 +2,7 @@ package zrokEdgeSdk

 import (
 	"context"
+	"fmt"
 	"github.com/openziti/edge/rest_management_api_client"
 	edge_service "github.com/openziti/edge/rest_management_api_client/service"
 	"github.com/openziti/edge/rest_model"
@ -10,6 +11,27 @@ import (
 	"time"
 )

+func FindShareService(svcZId string, edge *rest_management_api_client.ZitiEdgeManagement) (string, error) {
+	filter := fmt.Sprintf("id=\"%v\"", svcZId)
+	limit := int64(0)
+	offset := int64(0)
+	listReq := &edge_service.ListServicesParams{
+		Filter:  &filter,
+		Limit:   &limit,
+		Offset:  &offset,
+		Context: context.Background(),
+	}
+	listReq.SetTimeout(30 * time.Second)
+	listResp, err := edge.Service.ListServices(listReq, nil)
+	if err != nil {
+		return "", errors.Wrapf(err, "error listing service '%v'", svcZId)
+	}
+	if len(listResp.Payload.Data) == 1 {
+		return *listResp.Payload.Data[0].Name, nil
+	}
+	return "", errors.Errorf("service with ziti id '%v' not found", svcZId)
+}
+
 func CreateShareService(envZId, shrToken, cfgZId string, edge *rest_management_api_client.ZitiEdgeManagement) (shrZId string, err error) {
 	shrZId, err = CreateService(shrToken, []string{cfgZId}, map[string]interface{}{"zrokShareToken": shrToken}, edge)
 	if err != nil {