From ae10cea5c43a1cd68b7203f516a5310c997b8a70 Mon Sep 17 00:00:00 2001 From: Jakub Kabza Date: Fri, 30 Aug 2019 10:37:35 +0200 Subject: [PATCH 1/5] extend readme --- README.md | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index e8becf7..19983c4 100644 --- a/README.md +++ b/README.md @@ -28,4 +28,11 @@ Take a look at [Design Readme](./docs/README.md). - `make install` to generate CRD file from go sources and install it on the cluster - `export HYDRA_URL={HYDRA_SERVICE_URL} && make run` to run the controller -To deploy the controller, edit the value of the ```--hydra-url``` argument in the [manager.yaml](config/manager/manager.yaml) file and run ```make deploy```. \ No newline at end of file +To deploy the controller, edit the value of the ```--hydra-url``` argument in the [manager.yaml](config/manager/manager.yaml) file and run ```make deploy```. + +### Command-line flags + +| Name | Required | Description | Default value | Example values | +|-----------------|----------|------------------------------|---------------|------------------------------------------------------| +| **hydra-url** | yes | ORY Hydra's service address | - | ` ory-hydra-admin.ory.svc.cluster.local` | +| **hydra-port** | no | ORY Hydra's service port | `4445` | `4445` | \ No newline at end of file From b60afb55b0517e2e56721992ed0ed8e973e1c0f1 Mon Sep 17 00:00:00 2001 From: Jakub Kabza Date: Fri, 30 Aug 2019 11:45:27 +0200 Subject: [PATCH 2/5] sample/cr ref --- README.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 19983c4..09713ed 100644 --- a/README.md +++ b/README.md 
@@ -2,7 +2,9 @@ This project contains a Kubernetes controller that uses Custom Resources to manage Hydra Oauth2 clients. -ORY Hydra Maester watches for instances of `oauth2clients.oathkeeper.ory.sh/v1alpha1` and creates, updates, or deletes corresponding OAuth2 clients by communicating with ORY Hydra API. +ORY Hydra Maester watches for instances of `oauth2clients.oathkeeper.ory.sh/v1alpha1` custom resource (CR) and creates, updates, or deletes corresponding OAuth2 clients by communicating with ORY Hydra API. + +Visit Hydra-maester's [chart documentation](https://github.com/ory/k8s/blob/master/docs/helm/hydra-maester.md) and view a [sample OAuth2 client resource](./config/samples/hydra_v1alpha1_oauth2client.yaml) to learn more about the `oauth2clients.oathkeeper.ory.sh/v1alpha1` CR. The project is based on [Kubebuilder](https://github.com/kubernetes-sigs/kubebuilder). From 833ce16d005c54c8502191461cf0aa5ae928d99f Mon Sep 17 00:00:00 2001 From: Jakub Kabza Date: Fri, 30 Aug 2019 11:47:12 +0200 Subject: [PATCH 3/5] fix --- README.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/README.md b/README.md index 09713ed..ecaa434 100644 --- a/README.md +++ b/README.md 
@@ -1,8 +1,7 @@ # Hydra-maester -This project contains a Kubernetes controller that uses Custom Resources to manage Hydra Oauth2 clients. -ORY Hydra Maester watches for instances of `oauth2clients.oathkeeper.ory.sh/v1alpha1` custom resource (CR) and creates, updates, or deletes corresponding OAuth2 clients by communicating with ORY Hydra API. +This project contains a Kubernetes controller that uses Custom Resources (CR) to manage Hydra Oauth2 clients. ORY Hydra Maester watches for instances of `oauth2clients.oathkeeper.ory.sh/v1alpha1` CR and creates, updates, or deletes corresponding OAuth2 clients by communicating with ORY Hydra's API. Visit Hydra-maester's [chart documentation](https://github.com/ory/k8s/blob/master/docs/helm/hydra-maester.md) and view a [sample OAuth2 client resource](./config/samples/hydra_v1alpha1_oauth2client.yaml) to learn more about the `oauth2clients.oathkeeper.ory.sh/v1alpha1` CR. From 38c57d67c212c9caa60de06c02e38139446f52d5 Mon Sep 17 00:00:00 2001 From: Jakub Kabza Date: Fri, 30 Aug 2019 13:47:27 +0200 Subject: [PATCH 4/5] fix bug: --- controllers/oauth2client_controller.go | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/controllers/oauth2client_controller.go b/controllers/oauth2client_controller.go index 74a2d89..28bb18c 100644 --- a/controllers/oauth2client_controller.go +++ b/controllers/oauth2client_controller.go 
@@ -115,14 +115,16 @@ func (r *OAuth2ClientReconciler) registerOAuth2Client(ctx context.Context, clien }, } - err = r.Create(ctx, &clientSecret) - if err != nil { - return err - } - - client.Status.Secret = &clientSecret.Name client.Status.ClientID = created.ClientID client.Status.ObservedGeneration = client.Generation + + err = r.Create(ctx, &clientSecret) + if err != nil { + r.Log.Error(err, fmt.Sprintf("registering client %s/%s failed", client.Name, client.Namespace), "oauth2client", "register") + } else { + client.Status.Secret = &clientSecret.Name + } + return r.Status().Update(ctx, client) } From 6825f7b8f11c9ba978137353d887df11bc8be0f5 Mon Sep 17 00:00:00 2001 From: Jakub Kabza Date: Fri, 30 Aug 2019 13:53:14 +0200 Subject: [PATCH 5/5] fix --- controllers/oauth2client_controller.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/controllers/oauth2client_controller.go b/controllers/oauth2client_controller.go index 28bb18c..310f66d 100644 --- a/controllers/oauth2client_controller.go +++ b/controllers/oauth2client_controller.go @@ -120,7 +120,7 @@ func (r *OAuth2ClientReconciler) registerOAuth2Client(ctx context.Context, clien err = r.Create(ctx, &clientSecret) if err != nil { - r.Log.Error(err, fmt.Sprintf("registering client %s/%s failed", client.Name, client.Namespace), "oauth2client", "register") + r.Log.Error(err, fmt.Sprintf("error creating secret for client %s/%s ", client.Name, client.Namespace), "oauth2client", "register") } else { client.Status.Secret = &clientSecret.Name }
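Review bot: A failed `r.Create(ctx, &clientSecret)` is now only logged, so registerOAuth2Client returns whatever `r.Status().Update(ctx, client)` returns and can report success while no Secret exists for the client. Status is still written with `ClientID` and `ObservedGeneration = client.Generation` but without `Secret`; if the reconcile loop (outside this hunk) treats a matching ObservedGeneration as done, the client stays registered in Hydra with credentials that were never stored and the creation is not retried. Keep the status update but return the create error afterwards so the request is requeued, as sketched below; whether a retry would register the client a second time depends on code not visible here and should be checked. The function begins above the hunk.

```go
// … unchanged: ClientID and ObservedGeneration assignments …

createErr := r.Create(ctx, &clientSecret)
if createErr != nil {
	r.Log.Error(createErr, fmt.Sprintf("registering client %s/%s failed", client.Name, client.Namespace), "oauth2client", "register")
} else {
	client.Status.Secret = &clientSecret.Name
}

// Persist what is known, then surface the Secret failure to the caller.
if err := r.Status().Update(ctx, client); err != nil {
	return err
}
return createErr
```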
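Review bot: The reworded message still prints the object as `client.Name`/`client.Namespace`, the reverse of the namespace/name order Kubernetes tooling uses, and the format string now ends in a stray space. The call already passes key/value pairs, so (assuming `r.Log` is a logr-style logger, as the `Error(err, msg, key, value)` shape suggests) the identifiers are easier to search as fields than inside `fmt.Sprintf`: `r.Log.Error(err, "error creating secret for client", "namespace", client.Namespace, "name", client.Name)`. The same argument order appears in the PATCH 4/5 hunk that introduced this line.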