hydra-maester/main.go

/*

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

    http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/

package main

import (
	"flag"
	"fmt"
	"net/http"
	"net/url"
	"os"

	"github.com/ory/hydra-maester/hydra"

	hydrav1alpha1 "github.com/ory/hydra-maester/api/v1alpha1"
	"github.com/ory/hydra-maester/controllers"
	apiv1 "k8s.io/api/core/v1"
	"k8s.io/apimachinery/pkg/runtime"
	_ "k8s.io/client-go/plugin/pkg/client/auth/gcp"
	ctrl "sigs.k8s.io/controller-runtime"
	"sigs.k8s.io/controller-runtime/pkg/log/zap"
	// +kubebuilder:scaffold:imports
)

var (
	scheme   = runtime.NewScheme()
	setupLog = ctrl.Log.WithName("setup")
)

func init() {

	apiv1.AddToScheme(scheme)
	hydrav1alpha1.AddToScheme(scheme)
	// +kubebuilder:scaffold:scheme
}

func main() {
	var (
		metricsAddr, hydraURL, endpoint, forwardedProto string
		hydraPort                                       int
		enableLeaderElection                            bool
	)

	flag.StringVar(&metricsAddr, "metrics-addr", ":8080", "The address the metric endpoint binds to.")
	flag.StringVar(&hydraURL, "hydra-url", "", "The address of ORY Hydra")
	flag.IntVar(&hydraPort, "hydra-port", 4445, "Port ORY Hydra is listening on")
	flag.StringVar(&endpoint, "endpoint", "/clients", "ORY Hydra's client endpoint")
	flag.StringVar(&forwardedProto, "forwarded-proto", "", "If set, this adds the value as the X-Forwarded-Proto header in requests to the ORY Hydra admin server")
	flag.BoolVar(&enableLeaderElection, "enable-leader-election", false,
		"Enable leader election for controller manager. Enabling this will ensure there is only one active controller manager.")
	flag.Parse()

	ctrl.SetLogger(zap.Logger(true))

	mgr, err := ctrl.NewManager(ctrl.GetConfigOrDie(), ctrl.Options{
		Scheme:             scheme,
		MetricsBindAddress: metricsAddr,
		LeaderElection:     enableLeaderElection,
	})
	if err != nil {
		setupLog.Error(err, "unable to start manager")
		os.Exit(1)
	}

	if hydraURL == "" {
		setupLog.Error(fmt.Errorf("hydra URL can't be empty"), "unable to create controller", "controller", "OAuth2Client")
		os.Exit(1)
	}

	defaultSpec := hydrav1alpha1.OAuth2ClientSpec{
		HydraAdmin: hydrav1alpha1.HydraAdmin{
			URL:            hydraURL,
			Port:           hydraPort,
			Endpoint:       endpoint,
			ForwardedProto: forwardedProto,
		},
	}
	hydraClientMaker := getHydraClientMaker(defaultSpec)
	hydraClient, err := hydraClientMaker(defaultSpec)
	if err != nil {
		setupLog.Error(err, "making default hydra client", "controller", "OAuth2Client")
		os.Exit(1)

	}

	err = (&controllers.OAuth2ClientReconciler{
		Client:           mgr.GetClient(),
		Log:              ctrl.Log.WithName("controllers").WithName("OAuth2Client"),
		HydraClient:      hydraClient,
		HydraClientMaker: hydraClientMaker,
	}).SetupWithManager(mgr)
	if err != nil {
		setupLog.Error(err, "unable to create controller", "controller", "OAuth2Client")
		os.Exit(1)
	}
	// +kubebuilder:scaffold:builder

	setupLog.Info("starting manager")
	if err := mgr.Start(ctrl.SetupSignalHandler()); err != nil {
		setupLog.Error(err, "problem running manager")
		os.Exit(1)
	}
}

func getHydraClientMaker(defaultSpec hydrav1alpha1.OAuth2ClientSpec) controllers.HydraClientMakerFunc {

	return controllers.HydraClientMakerFunc(func(spec hydrav1alpha1.OAuth2ClientSpec) (controllers.HydraClientInterface, error) {


		if spec.HydraAdmin.URL == "" {
			spec.HydraAdmin.URL = defaultSpec.HydraAdmin.URL
		}
		if spec.HydraAdmin.Port == 0 {
			spec.HydraAdmin.Port = defaultSpec.HydraAdmin.Port
		}
		if spec.HydraAdmin.Endpoint == "" {
			spec.HydraAdmin.Endpoint = defaultSpec.HydraAdmin.Endpoint
		}
		if spec.HydraAdmin.ForwardedProto == "" {
			spec.HydraAdmin.ForwardedProto = defaultSpec.HydraAdmin.ForwardedProto
		}

		address := fmt.Sprintf("%s:%d", spec.HydraAdmin.URL, spec.HydraAdmin.Port)
		u, err := url.Parse(address)
		if err != nil {
			return nil, fmt.Errorf("unable to parse ORY Hydra's URL: %w", err)
		}

		client := &hydra.Client{
			HydraURL:   *u.ResolveReference(&url.URL{Path: spec.HydraAdmin.Endpoint}),
			HTTPClient: &http.Client{},
		}

		if spec.HydraAdmin.ForwardedProto != "" && spec.HydraAdmin.ForwardedProto != "off" {
			client.ForwardedProto = spec.HydraAdmin.ForwardedProto
		}

		return client, nil
	})

}
scaffold controller 2019-08-21 10:12:07 +02:00			`/*`

			`Licensed under the Apache License, Version 2.0 (the "License");`
			`you may not use this file except in compliance with the License.`
			`You may obtain a copy of the License at`

			`http://www.apache.org/licenses/LICENSE-2.0`

			`Unless required by applicable law or agreed to in writing, software`
			`distributed under the License is distributed on an "AS IS" BASIS,`
			`WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.`
			`See the License for the specific language governing permissions and`
			`limitations under the License.`
			`*/`

			`package main`

			`import (`
			`"flag"`
api + basic logic + hydra client crud + validation + happy path integration test 2019-08-21 12:10:25 +02:00			`"fmt"`
			`"net/http"`
			`"net/url"`
scaffold controller 2019-08-21 10:12:07 +02:00			`"os"`

api + basic logic + hydra client crud + validation + happy path integration test 2019-08-21 12:10:25 +02:00			`"github.com/ory/hydra-maester/hydra"`

scaffold controller 2019-08-21 10:12:07 +02:00			`hydrav1alpha1 "github.com/ory/hydra-maester/api/v1alpha1"`
			`"github.com/ory/hydra-maester/controllers"`
api + basic logic + hydra client crud + validation + happy path integration test 2019-08-21 12:10:25 +02:00			`apiv1 "k8s.io/api/core/v1"`
scaffold controller 2019-08-21 10:12:07 +02:00			`"k8s.io/apimachinery/pkg/runtime"`
			`_ "k8s.io/client-go/plugin/pkg/client/auth/gcp"`
			`ctrl "sigs.k8s.io/controller-runtime"`
			`"sigs.k8s.io/controller-runtime/pkg/log/zap"`
			`// +kubebuilder:scaffold:imports`
			`)`

			`var (`
			`scheme = runtime.NewScheme()`
			`setupLog = ctrl.Log.WithName("setup")`
			`)`

			`func init() {`

api + basic logic + hydra client crud + validation + happy path integration test 2019-08-21 12:10:25 +02:00			`apiv1.AddToScheme(scheme)`
scaffold controller 2019-08-21 10:12:07 +02:00			`hydrav1alpha1.AddToScheme(scheme)`
			`// +kubebuilder:scaffold:scheme`
			`}`

			`func main() {`
Support talking to multiple ORY Hydra deployments (#35) 2019-11-14 01:11:13 -07:00			`var (`
			`metricsAddr, hydraURL, endpoint, forwardedProto string`
			`hydraPort int`
			`enableLeaderElection bool`
			`)`
api + basic logic + hydra client crud + validation + happy path integration test 2019-08-21 12:10:25 +02:00
scaffold controller 2019-08-21 10:12:07 +02:00			`flag.StringVar(&metricsAddr, "metrics-addr", ":8080", "The address the metric endpoint binds to.")`
CI: enable integration tests 2019-08-29 11:23:45 +02:00			`flag.StringVar(&hydraURL, "hydra-url", "", "The address of ORY Hydra")`
samples + message fix 2019-08-30 08:59:09 +02:00			`flag.IntVar(&hydraPort, "hydra-port", 4445, "Port ORY Hydra is listening on")`
api + basic logic + hydra client crud + validation + happy path integration test 2019-08-21 12:10:25 +02:00			`flag.StringVar(&endpoint, "endpoint", "/clients", "ORY Hydra's client endpoint")`
Support talking to multiple ORY Hydra deployments (#35) 2019-11-14 01:11:13 -07:00			`flag.StringVar(&forwardedProto, "forwarded-proto", "", "If set, this adds the value as the X-Forwarded-Proto header in requests to the ORY Hydra admin server")`
scaffold controller 2019-08-21 10:12:07 +02:00			`flag.BoolVar(&enableLeaderElection, "enable-leader-election", false,`
			`"Enable leader election for controller manager. Enabling this will ensure there is only one active controller manager.")`
			`flag.Parse()`

			`ctrl.SetLogger(zap.Logger(true))`

			`mgr, err := ctrl.NewManager(ctrl.GetConfigOrDie(), ctrl.Options{`
			`Scheme: scheme,`
			`MetricsBindAddress: metricsAddr,`
			`LeaderElection: enableLeaderElection,`
			`})`
			`if err != nil {`
			`setupLog.Error(err, "unable to start manager")`
			`os.Exit(1)`
			`}`

CI: enable integration tests 2019-08-29 11:23:45 +02:00			`if hydraURL == "" {`
samples + message fix 2019-08-30 08:59:09 +02:00			`setupLog.Error(fmt.Errorf("hydra URL can't be empty"), "unable to create controller", "controller", "OAuth2Client")`
CI: enable integration tests 2019-08-29 11:23:45 +02:00			`os.Exit(1)`
			`}`

Support talking to multiple ORY Hydra deployments (#35) 2019-11-14 01:11:13 -07:00			`defaultSpec := hydrav1alpha1.OAuth2ClientSpec{`
			`HydraAdmin: hydrav1alpha1.HydraAdmin{`
			`URL: hydraURL,`
			`Port: hydraPort,`
			`Endpoint: endpoint,`
			`ForwardedProto: forwardedProto,`
			`},`
			`}`
			`hydraClientMaker := getHydraClientMaker(defaultSpec)`
			`hydraClient, err := hydraClientMaker(defaultSpec)`
api + basic logic + hydra client crud + validation + happy path integration test 2019-08-21 12:10:25 +02:00			`if err != nil {`
Support talking to multiple ORY Hydra deployments (#35) 2019-11-14 01:11:13 -07:00			`setupLog.Error(err, "making default hydra client", "controller", "OAuth2Client")`
api + basic logic + hydra client crud + validation + happy path integration test 2019-08-21 12:10:25 +02:00			`os.Exit(1)`
Support talking to multiple ORY Hydra deployments (#35) 2019-11-14 01:11:13 -07:00
api + basic logic + hydra client crud + validation + happy path integration test 2019-08-21 12:10:25 +02:00			`}`

scaffold controller 2019-08-21 10:12:07 +02:00			`err = (&controllers.OAuth2ClientReconciler{`
Support talking to multiple ORY Hydra deployments (#35) 2019-11-14 01:11:13 -07:00			`Client: mgr.GetClient(),`
			`Log: ctrl.Log.WithName("controllers").WithName("OAuth2Client"),`
			`HydraClient: hydraClient,`
			`HydraClientMaker: hydraClientMaker,`
scaffold controller 2019-08-21 10:12:07 +02:00			`}).SetupWithManager(mgr)`
			`if err != nil {`
			`setupLog.Error(err, "unable to create controller", "controller", "OAuth2Client")`
			`os.Exit(1)`
			`}`
			`// +kubebuilder:scaffold:builder`

			`setupLog.Info("starting manager")`
			`if err := mgr.Start(ctrl.SetupSignalHandler()); err != nil {`
			`setupLog.Error(err, "problem running manager")`
			`os.Exit(1)`
			`}`
			`}`
Support talking to multiple ORY Hydra deployments (#35) 2019-11-14 01:11:13 -07:00
			`func getHydraClientMaker(defaultSpec hydrav1alpha1.OAuth2ClientSpec) controllers.HydraClientMakerFunc {`

			`return controllers.HydraClientMakerFunc(func(spec hydrav1alpha1.OAuth2ClientSpec) (controllers.HydraClientInterface, error) {`


			`if spec.HydraAdmin.URL == "" {`
			`spec.HydraAdmin.URL = defaultSpec.HydraAdmin.URL`
			`}`
			`if spec.HydraAdmin.Port == 0 {`
			`spec.HydraAdmin.Port = defaultSpec.HydraAdmin.Port`
			`}`
			`if spec.HydraAdmin.Endpoint == "" {`
			`spec.HydraAdmin.Endpoint = defaultSpec.HydraAdmin.Endpoint`
			`}`
			`if spec.HydraAdmin.ForwardedProto == "" {`
			`spec.HydraAdmin.ForwardedProto = defaultSpec.HydraAdmin.ForwardedProto`
			`}`

			`address := fmt.Sprintf("%s:%d", spec.HydraAdmin.URL, spec.HydraAdmin.Port)`
			`u, err := url.Parse(address)`
			`if err != nil {`
			`return nil, fmt.Errorf("unable to parse ORY Hydra's URL: %w", err)`
			`}`

			`client := &hydra.Client{`
			`HydraURL: *u.ResolveReference(&url.URL{Path: spec.HydraAdmin.Endpoint}),`
			`HTTPClient: &http.Client{},`
			`}`

			`if spec.HydraAdmin.ForwardedProto != "" && spec.HydraAdmin.ForwardedProto != "off" {`
			`client.ForwardedProto = spec.HydraAdmin.ForwardedProto`
			`}`

			`return client, nil`
			`})`

			`}`