mirror of
https://github.com/openziti/zrok.git
synced 2025-01-18 03:48:51 +01:00
zrok reserve; zrok release (#41)
This commit is contained in:
parent
f9143c3a5b
commit
3f5c5003de
63
cmd/zrok/release.go
Normal file
63
cmd/zrok/release.go
Normal file
@ -0,0 +1,63 @@
|
||||
package main
|
||||
|
||||
import (
|
||||
ui "github.com/gizak/termui/v3"
|
||||
httptransport "github.com/go-openapi/runtime/client"
|
||||
"github.com/openziti-test-kitchen/zrok/rest_client_zrok/service"
|
||||
"github.com/openziti-test-kitchen/zrok/rest_model_zrok"
|
||||
"github.com/openziti-test-kitchen/zrok/zrokdir"
|
||||
"github.com/sirupsen/logrus"
|
||||
"github.com/spf13/cobra"
|
||||
)
|
||||
|
||||
func init() {
|
||||
rootCmd.AddCommand(newReleaseCommand().cmd)
|
||||
}
|
||||
|
||||
type releaseCommand struct {
|
||||
cmd *cobra.Command
|
||||
}
|
||||
|
||||
func newReleaseCommand() *releaseCommand {
|
||||
cmd := &cobra.Command{
|
||||
Use: "release <serviceToken>",
|
||||
Short: "Release a reserved service",
|
||||
Args: cobra.ExactArgs(1),
|
||||
}
|
||||
command := &releaseCommand{cmd: cmd}
|
||||
cmd.Run = command.run
|
||||
return command
|
||||
}
|
||||
|
||||
func (cmd *releaseCommand) run(_ *cobra.Command, args []string) {
|
||||
svcToken := args[0]
|
||||
env, err := zrokdir.LoadEnvironment()
|
||||
if err != nil {
|
||||
ui.Close()
|
||||
if !panicInstead {
|
||||
showError("unable to load environment; did you 'zrok enable'?", err)
|
||||
}
|
||||
panic(err)
|
||||
}
|
||||
|
||||
zrok, err := zrokdir.ZrokClient(env.ApiEndpoint)
|
||||
if err != nil {
|
||||
ui.Close()
|
||||
if !panicInstead {
|
||||
showError("unable to create zrok client", err)
|
||||
}
|
||||
panic(err)
|
||||
}
|
||||
auth := httptransport.APIKeyAuth("X-TOKEN", "header", env.Token)
|
||||
req := service.NewUnshareParams()
|
||||
req.Body = &rest_model_zrok.UnshareRequest{
|
||||
EnvZID: env.ZId,
|
||||
SvcToken: svcToken,
|
||||
Reserved: true,
|
||||
}
|
||||
if _, err := zrok.Service.Unshare(req, auth); err != nil {
|
||||
logrus.Errorf("error releasing service '%v': %v", svcToken, err)
|
||||
}
|
||||
|
||||
logrus.Infof("reserved service '%v' released", svcToken)
|
||||
}
|
108
cmd/zrok/reserve.go
Normal file
108
cmd/zrok/reserve.go
Normal file
@ -0,0 +1,108 @@
|
||||
package main
|
||||
|
||||
import (
|
||||
ui "github.com/gizak/termui/v3"
|
||||
httptransport "github.com/go-openapi/runtime/client"
|
||||
"github.com/openziti-test-kitchen/zrok/model"
|
||||
"github.com/openziti-test-kitchen/zrok/rest_client_zrok/service"
|
||||
"github.com/openziti-test-kitchen/zrok/rest_model_zrok"
|
||||
"github.com/openziti-test-kitchen/zrok/zrokdir"
|
||||
"github.com/pkg/errors"
|
||||
"github.com/sirupsen/logrus"
|
||||
"github.com/spf13/cobra"
|
||||
"net/url"
|
||||
"strings"
|
||||
)
|
||||
|
||||
func init() {
|
||||
rootCmd.AddCommand(newReserveCommand().cmd)
|
||||
}
|
||||
|
||||
type reserveCommand struct {
|
||||
basicAuth []string
|
||||
cmd *cobra.Command
|
||||
}
|
||||
|
||||
func newReserveCommand() *reserveCommand {
|
||||
cmd := &cobra.Command{
|
||||
Use: "reserve <public|private> <targetEndpoint>",
|
||||
Short: "Reserve a service",
|
||||
Args: cobra.ExactArgs(2),
|
||||
}
|
||||
command := &reserveCommand{cmd: cmd}
|
||||
cmd.Flags().StringArrayVar(&command.basicAuth, "basic-auth", []string{}, "Basic authentication users (<username:password>,...)")
|
||||
cmd.Run = command.run
|
||||
return command
|
||||
}
|
||||
|
||||
func (cmd *reserveCommand) run(_ *cobra.Command, args []string) {
|
||||
shareMode := args[0]
|
||||
if shareMode != "public" && shareMode != "private" {
|
||||
showError("invalid sharing mode; expecting 'public' or 'private'", nil)
|
||||
}
|
||||
|
||||
targetEndpoint, err := url.Parse(args[0])
|
||||
if err != nil {
|
||||
if !panicInstead {
|
||||
showError("invalid target endpoint URL", err)
|
||||
}
|
||||
panic(err)
|
||||
}
|
||||
if targetEndpoint.Scheme == "" {
|
||||
targetEndpoint.Scheme = "https"
|
||||
}
|
||||
|
||||
env, err := zrokdir.LoadEnvironment()
|
||||
if err != nil {
|
||||
ui.Close()
|
||||
if !panicInstead {
|
||||
showError("unable to load environment; did you 'zrok enable'?", err)
|
||||
}
|
||||
panic(err)
|
||||
}
|
||||
|
||||
zrok, err := zrokdir.ZrokClient(env.ApiEndpoint)
|
||||
if err != nil {
|
||||
ui.Close()
|
||||
if !panicInstead {
|
||||
showError("unable to create zrok client", err)
|
||||
}
|
||||
panic(err)
|
||||
}
|
||||
auth := httptransport.APIKeyAuth("X-TOKEN", "header", env.Token)
|
||||
req := service.NewShareParams()
|
||||
req.Body = &rest_model_zrok.ShareRequest{
|
||||
EnvZID: env.ZId,
|
||||
ShareMode: shareMode,
|
||||
BackendMode: "proxy",
|
||||
BackendProxyEndpoint: targetEndpoint.String(),
|
||||
AuthScheme: string(model.None),
|
||||
Reserved: true,
|
||||
}
|
||||
if len(cmd.basicAuth) > 0 {
|
||||
logrus.Infof("configuring basic auth")
|
||||
req.Body.AuthScheme = string(model.Basic)
|
||||
for _, pair := range cmd.basicAuth {
|
||||
tokens := strings.Split(pair, ":")
|
||||
if len(tokens) == 2 {
|
||||
req.Body.AuthUsers = append(req.Body.AuthUsers, &rest_model_zrok.AuthUser{Username: strings.TrimSpace(tokens[0]), Password: strings.TrimSpace(tokens[1])})
|
||||
} else {
|
||||
panic(errors.Errorf("invalid username:password pair '%v'", pair))
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
resp, err := zrok.Service.Share(req, auth)
|
||||
if err != nil {
|
||||
ui.Close()
|
||||
if !panicInstead {
|
||||
showError("unable to create tunnel", err)
|
||||
}
|
||||
panic(err)
|
||||
}
|
||||
|
||||
logrus.Infof("your reserved service token is '%v'", resp.Payload.SvcToken)
|
||||
if resp.Payload.FrontendProxyEndpoint != "" {
|
||||
logrus.Infof("your reserved service frontend is '%v'", resp.Payload.FrontendProxyEndpoint)
|
||||
}
|
||||
}
|
@ -1,126 +0,0 @@
|
||||
package main
|
||||
|
||||
import (
|
||||
ui "github.com/gizak/termui/v3"
|
||||
"github.com/go-openapi/runtime"
|
||||
httptransport "github.com/go-openapi/runtime/client"
|
||||
"github.com/openziti-test-kitchen/zrok/endpoints/backend"
|
||||
"github.com/openziti-test-kitchen/zrok/rest_client_zrok"
|
||||
"github.com/openziti-test-kitchen/zrok/rest_client_zrok/service"
|
||||
"github.com/openziti-test-kitchen/zrok/rest_model_zrok"
|
||||
"github.com/openziti-test-kitchen/zrok/zrokdir"
|
||||
"github.com/sirupsen/logrus"
|
||||
"github.com/spf13/cobra"
|
||||
"net/url"
|
||||
"os"
|
||||
"os/signal"
|
||||
"syscall"
|
||||
"time"
|
||||
)
|
||||
|
||||
func init() {
|
||||
shareCmd.AddCommand(newShareAgainCommand().cmd)
|
||||
}
|
||||
|
||||
type shareAgainCommand struct {
|
||||
cmd *cobra.Command
|
||||
}
|
||||
|
||||
func newShareAgainCommand() *shareAgainCommand {
|
||||
cmd := &cobra.Command{
|
||||
Use: "again <serviceToken> <targetEndpoint>",
|
||||
Short: "Share a previously reserved service again",
|
||||
Args: cobra.ExactArgs(2),
|
||||
}
|
||||
command := &shareAgainCommand{cmd: cmd}
|
||||
cmd.Run = command.run
|
||||
return command
|
||||
}
|
||||
|
||||
func (cmd *shareAgainCommand) run(_ *cobra.Command, args []string) {
|
||||
targetEndpoint, err := url.Parse(args[1])
|
||||
if err != nil {
|
||||
if !panicInstead {
|
||||
showError("invalid target endpoint URL", err)
|
||||
}
|
||||
panic(err)
|
||||
}
|
||||
if targetEndpoint.Scheme == "" {
|
||||
targetEndpoint.Scheme = "https"
|
||||
}
|
||||
|
||||
env, err := zrokdir.LoadEnvironment()
|
||||
if err != nil {
|
||||
if !panicInstead {
|
||||
showError("unable to load environment; did you 'zrok enable'?", err)
|
||||
}
|
||||
panic(err)
|
||||
}
|
||||
zif, err := zrokdir.ZitiIdentityFile("backend")
|
||||
if err != nil {
|
||||
if !panicInstead {
|
||||
showError("unable to load ziti identity configuration", err)
|
||||
}
|
||||
panic(err)
|
||||
}
|
||||
svcToken := args[0]
|
||||
cfg := &backend.Config{
|
||||
IdentityPath: zif,
|
||||
EndpointAddress: targetEndpoint.String(),
|
||||
Service: svcToken,
|
||||
}
|
||||
|
||||
zrok, err := zrokdir.ZrokClient(env.ApiEndpoint)
|
||||
if err != nil {
|
||||
if !panicInstead {
|
||||
showError("unable to create zrok client", err)
|
||||
}
|
||||
panic(err)
|
||||
}
|
||||
auth := httptransport.APIKeyAuth("X-TOKEN", "header", env.Token)
|
||||
|
||||
c := make(chan os.Signal)
|
||||
signal.Notify(c, os.Interrupt, syscall.SIGTERM)
|
||||
go func() {
|
||||
<-c
|
||||
cmd.destroy(env.ZId, cfg, zrok, auth)
|
||||
os.Exit(0)
|
||||
}()
|
||||
|
||||
httpProxy, err := backend.NewHTTP(cfg)
|
||||
if err != nil {
|
||||
ui.Close()
|
||||
if !panicInstead {
|
||||
showError("unable to create http backend", err)
|
||||
}
|
||||
panic(err)
|
||||
}
|
||||
|
||||
go func() {
|
||||
if err := httpProxy.Run(); err != nil {
|
||||
if !panicInstead {
|
||||
showError("unable to run http proxy", err)
|
||||
}
|
||||
panic(err)
|
||||
}
|
||||
}()
|
||||
|
||||
logrus.Infof("share your zrok service; use this command for access: 'zrok access private %v'", svcToken)
|
||||
for {
|
||||
time.Sleep(30 * time.Second)
|
||||
}
|
||||
}
|
||||
|
||||
func (self *shareAgainCommand) destroy(id string, cfg *backend.Config, zrok *rest_client_zrok.Zrok, auth runtime.ClientAuthInfoWriter) {
|
||||
logrus.Debugf("shutting down '%v'", cfg.Service)
|
||||
req := service.NewUnshareParams()
|
||||
req.Body = &rest_model_zrok.UnshareRequest{
|
||||
EnvZID: id,
|
||||
SvcToken: cfg.Service,
|
||||
}
|
||||
if _, err := zrok.Service.Unshare(req, auth); err == nil {
|
||||
logrus.Debugf("shutdown complete")
|
||||
} else {
|
||||
logrus.Errorf("error shutting down: %v", err)
|
||||
}
|
||||
}
|
@ -42,7 +42,7 @@ func newSharePublicCommand() *sharePublicCommand {
|
||||
}
|
||||
command := &sharePublicCommand{cmd: cmd}
|
||||
cmd.Flags().BoolVarP(&command.quiet, "quiet", "q", false, "Disable TUI 'chrome' for quiet operation")
|
||||
cmd.Flags().StringArrayVar(&command.basicAuth, "basic-auth", []string{}, "Basic authentication users (<username:password>,...")
|
||||
cmd.Flags().StringArrayVar(&command.basicAuth, "basic-auth", []string{}, "Basic authentication users (<username:password>,...)")
|
||||
cmd.Run = command.run
|
||||
return command
|
||||
}
|
||||
|
@ -78,6 +78,7 @@ func (h *shareHandler) Handle(params service.ShareParams, principal *rest_model_
|
||||
|
||||
logrus.Debugf("allocated service '%v'", svcToken)
|
||||
|
||||
reserved := params.Body.Reserved
|
||||
sid, err := str.CreateService(envId, &store.Service{
|
||||
ZId: svcZId,
|
||||
Token: svcToken,
|
||||
@ -85,7 +86,7 @@ func (h *shareHandler) Handle(params service.ShareParams, principal *rest_model_
|
||||
BackendMode: params.Body.BackendMode,
|
||||
FrontendEndpoint: &frontendEndpoints[0],
|
||||
BackendProxyEndpoint: ¶ms.Body.BackendProxyEndpoint,
|
||||
Reserved: false,
|
||||
Reserved: reserved,
|
||||
}, tx)
|
||||
if err != nil {
|
||||
logrus.Errorf("error creating service record: %v", err)
|
||||
|
@ -75,7 +75,7 @@ func (h *unshareHandler) Handle(params service.UnshareParams, principal *rest_mo
|
||||
return service.NewUnshareInternalServerError()
|
||||
}
|
||||
|
||||
if !ssvc.Reserved {
|
||||
if ssvc.Reserved == params.Body.Reserved {
|
||||
// single tag-based service deallocator; should work regardless of sharing mode
|
||||
if err := h.deallocateResources(senv, ssvc, svcToken, svcZId, edge); err != nil {
|
||||
logrus.Errorf("error unsharing ziti resources for '%v': %v", ssvc, err)
|
||||
|
@ -40,6 +40,9 @@ type ShareRequest struct {
|
||||
// frontend selection
|
||||
FrontendSelection []string `json:"frontendSelection"`
|
||||
|
||||
// reserved
|
||||
Reserved bool `json:"reserved,omitempty"`
|
||||
|
||||
// share mode
|
||||
// Enum: [public private]
|
||||
ShareMode string `json:"shareMode,omitempty"`
|
||||
|
@ -20,6 +20,9 @@ type UnshareRequest struct {
|
||||
// env z Id
|
||||
EnvZID string `json:"envZId,omitempty"`
|
||||
|
||||
// reserved
|
||||
Reserved bool `json:"reserved,omitempty"`
|
||||
|
||||
// svc token
|
||||
SvcToken string `json:"svcToken,omitempty"`
|
||||
}
|
||||
|
@ -736,6 +736,9 @@ func init() {
|
||||
"type": "string"
|
||||
}
|
||||
},
|
||||
"reserved": {
|
||||
"type": "boolean"
|
||||
},
|
||||
"shareMode": {
|
||||
"type": "string",
|
||||
"enum": [
|
||||
@ -776,6 +779,9 @@ func init() {
|
||||
"envZId": {
|
||||
"type": "string"
|
||||
},
|
||||
"reserved": {
|
||||
"type": "boolean"
|
||||
},
|
||||
"svcToken": {
|
||||
"type": "string"
|
||||
}
|
||||
@ -1528,6 +1534,9 @@ func init() {
|
||||
"type": "string"
|
||||
}
|
||||
},
|
||||
"reserved": {
|
||||
"type": "boolean"
|
||||
},
|
||||
"shareMode": {
|
||||
"type": "string",
|
||||
"enum": [
|
||||
@ -1568,6 +1577,9 @@ func init() {
|
||||
"envZId": {
|
||||
"type": "string"
|
||||
},
|
||||
"reserved": {
|
||||
"type": "boolean"
|
||||
},
|
||||
"svcToken": {
|
||||
"type": "string"
|
||||
}
|
||||
|
@ -491,6 +491,8 @@ definitions:
|
||||
type: array
|
||||
items:
|
||||
$ref: "#/definitions/authUser"
|
||||
reserved:
|
||||
type: boolean
|
||||
|
||||
shareResponse:
|
||||
type: object
|
||||
@ -517,6 +519,8 @@ definitions:
|
||||
type: string
|
||||
svcToken:
|
||||
type: string
|
||||
reserved:
|
||||
type: boolean
|
||||
|
||||
verifyRequest:
|
||||
type: object
|
||||
|
@ -152,6 +152,7 @@
|
||||
* @property {string} backendProxyEndpoint
|
||||
* @property {string} authScheme
|
||||
* @property {module:types.authUser[]} authUsers
|
||||
* @property {boolean} reserved
|
||||
*/
|
||||
|
||||
/**
|
||||
@ -177,6 +178,7 @@
|
||||
*
|
||||
* @property {string} envZId
|
||||
* @property {string} svcToken
|
||||
* @property {boolean} reserved
|
||||
*/
|
||||
|
||||
/**
|
||||
|
Loading…
Reference in New Issue
Block a user