Merge branch 'main' into feature/store_app_deploy

kube-tarian · Aug 19, 2023 · 96ac3ac · 96ac3ac
2 parents 198b5e6 + 7c1bef5
commit 96ac3ac
Show file tree

Hide file tree

Showing 7 changed files with 47 additions and 20 deletions.
diff --git a/charts/server/templates/configmap-vault-role.yaml b/charts/server/templates/configmap-vault-role.yaml
@@ -1,9 +1,9 @@
 apiVersion: v1
 kind: ConfigMap
 metadata:
-  name: vault-role-capten-server
+  name: {{ .Values.vault.role | quote }}
 data:
-  roleName: vault-role-capten-server
+  roleName: {{ .Values.vault.role | quote }}
   policyNames: {{ .Values.vault.policyNames | quote }}
   servieAccounts: {{ include "server.serviceAccountName" . }}
   servieAccountNameSpaces: {{ .Release.Namespace }}
diff --git a/charts/server/templates/deployment.yaml b/charts/server/templates/deployment.yaml
@@ -67,8 +67,8 @@ spec:
               value: "{{ .Values.cassandra.dbName }}"
             - name: ORY_ENTITY_NAME
               value: {{ .Values.ory.entityName }}
-            - name: CRED_IDENTITY
-              value: {{ .Values.ory.rootUser }}
+            - name: ORY_CRED_IDENTIFIER
+              value: {{ .Values.ory.credIdentifier }}
             - name: CAPTEN_SERVER_ENTITY
               value: {{.Values.oauth.entityName}}
             - name: CAPTEN_SERVER_IDENTIFIER

diff --git a/charts/server/values.yaml b/charts/server/values.yaml
@@ -12,7 +12,7 @@ image:
 vault:
   address: http://vault:8200
   role: vault-role-capten-server
-  policyNames: "vault-policy-certs-admin,vault-policy-service-cred-read,vault-policy-generic-cred-read"
+  policyNames: "vault-policy-certs-admin,vault-policy-service-cred-read,vault-policy-generic-cred-admin"
 
 cassandra:
   dbAddresses: cassandra.cassandra.svc.cluster.local
@@ -21,14 +21,14 @@ cassandra:
   dbName: capten-server
 
 iam:
-  address: http://iam:9091
+  address: iam:9091
 
 astra:
   entityName: astra
   credIdentifier: auth-token
 
 ory:
-  rootUser: "capten"
+  credIdentifier: capten
   entityName: ory
 
 oauth:

diff --git a/server/cmd/server/main.go b/server/cmd/server/main.go
@@ -34,6 +34,13 @@ func main() {
 		log.Fatal("failed to load service congfig", err)
 	}
 
+	if cfg.ServiceRegister {
+		err = iamclient.RegisterService(log)
+		if err != nil {
+			log.Fatalf("%v", err)
+		}
+	}
+
 	swagger, err := api.GetSwagger()
 	if err != nil {
 		log.Fatal("Failed to get the swagger", err)
@@ -58,18 +65,7 @@ func main() {
 	if err != nil {
 		log.Fatal("APIHandler initialization failed", err)
 	}
-	IC, err := iamclient.NewClient(oryclient, log)
-	if err != nil {
-		log.Fatal("Error occured while created IAM client", err)
-	}
-	err = IC.RegisterWithIam()
-	if err != nil {
-		log.Fatal("Registering capten server as oauth client through IAM failed", err)
-	}
-	err = IC.RegisterRolesActions()
-	if err != nil {
-		log.Fatal("Registering Roles and Actions in IAM failed", err)
-	}
+
 	rpcServer, err := rpcapi.NewServer(log, serverStore, oryclient)
 	if err != nil {
 		log.Fatal("grpc server initialization failed", err)

diff --git a/server/pkg/config/config.go b/server/pkg/config/config.go
@@ -12,6 +12,7 @@ type ServiceConfig struct {
 	Database           string `envconfig:"DATABASE" default:"astra"`
 	AppStorConfig      string `envconfig:"APP_STORE_CONFIG" default:"./storeconfig"`
 	ReadAppStoreConfig bool   `envconfig:"READ_APP_STORE_CONFIG" default:"true"`
+  ServiceRegister bool   `envconfig:"SERVICE_REGISTER" default:"false"`
 }
 
 func GetServiceConfig() (ServiceConfig, error) {

diff --git a/server/pkg/iam-client/register_service.go b/server/pkg/iam-client/register_service.go
@@ -0,0 +1,30 @@
+package iamclient
+
+import (
+	"github.com/intelops/go-common/logging"
+	oryclient "github.com/kube-tarian/kad/server/pkg/ory-client"
+	"github.com/pkg/errors"
+)
+
+func RegisterService(log logging.Logger) error {
+	oryclient, err := oryclient.NewOryClient(log)
+	if err != nil {
+		return errors.WithMessage(err, "OryClient initialization failed")
+	}
+
+	IC, err := NewClient(oryclient, log)
+	if err != nil {
+		return errors.WithMessage(err, "Error occured while created IAM client")
+	}
+
+	err = IC.RegisterWithIam()
+	if err != nil {
+		return errors.WithMessage(err, "Registering capten server as oauth client failed")
+	}
+
+	err = IC.RegisterRolesActions()
+	if err != nil {
+		return errors.WithMessage(err, "Registering Roles and Actions in IAM failed")
+	}
+	return nil
+}
diff --git a/server/pkg/ory-client/client.go b/server/pkg/ory-client/client.go
@@ -27,7 +27,7 @@ const (
 // also for integration with ORY and create a OryApiClient.
 type Config struct {
 	OryEntityName        string `envconfig:"ORY_ENTITY_NAME" required:"true"`
-	CredentialIdentifier string `envconfig:"CRED_IDENTITY" required:"true"`
+	CredentialIdentifier string `envconfig:"ORY_CRED_IDENTIFIER" required:"true"`
 }
 
 // TokenConfig represents the configuration settings required for