CLI #366
Merged
CLI #366
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ) | ||
|
|
||
| type envVar interface { | ||
| string | int | int64 | bool |
There was a problem hiding this comment.
Nice! so we can use union types :)
There was a problem hiding this comment.
Yep. Called "constraints" in golang.
guicassolato
force-pushed
the
cmd-line-args
branch
from
6677f08
to
cf57d88
Compare
…iable declarations
guicassolato
force-pushed
the
cmd-line-args
branch
from
cf57d88
to
bff3d02
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Defines command-line interface (CLI) for:
Options of authorisation server should now be supplied using flags of the
authorino servercommand.This deprecates the usage of environment variables to set the options of the authorisation server, though they are still available to override defaults used in case the corresponding flag is not supplied in the command, and for backward compatibility until the Authorino Operator is updated to use the flags.
Closes #363.
Verification steps
Build:
Help command:
$ ./bin/authorino server --help Runs the authorization server Usage: authorino server [flags] Flags: --auth-config-label-selector string Kubernetes label selector to filter AuthConfig resources to watch --deep-metrics-enabled Enable deep metrics at the level of each evaluator when requested in the AuthConfig, exported by the metrics server --enable-leader-election Enable leader election for status updater - ensures only one instance of Authorino tries to update the status of reconciled resources --evaluator-cache-size int Cache size of each Authorino evaluator if enabled in the AuthConfig - in megabytes (default 1) --ext-auth-grpc-port int Port number of authorization server - gRPC interface (default 50051) --ext-auth-http-port int Port number of authorization server - raw HTTP interface (default 5001) --health-probe-addr string The network address the health probe endpoint binds to (default ":8081") -h, --help help for server --log-level string Log level (default "info") --log-mode string Log mode (default "production") --max-http-request-body-size int Maximum size of the body of requests accepted in the raw HTTP interface of the authorization server - in bytes (default 8192) --metrics-addr string The network address the metrics endpoint binds to (default ":8080") --oidc-http-port int Port number of OIDC Discovery server for Festival Wristband tokens (default 8083) --oidc-tls-cert string Path to the public TLS server certificate file in the file system - Festival Wristband OIDC Discovery server --oidc-tls-cert-key string Path to the private TLS server certificate key file in the file system - Festival Wristband OIDC Discovery server --secret-label-selector string Kubernetes label selector to filter Secret resources to watch (default "authorino.kuadrant.io/managed-by=authorino") --timeout int Server timeout - in milliseconds --tls-cert string Path to the public TLS server certificate file in the file system - authorization server --tls-cert-key string Path to the private TLS server certificate key file in the file system - authorization server --watch-namespace string Kubernetes namespace to watchVersion:
Setup a local cluster (to test running the server locally):
Run the server:
(with default settings...)
$ ./bin/authorino server {"level":"info","ts":1669042548.2534442,"logger":"authorino","msg":"setting instance base logger","min level":"info","mode":"production"} {"level":"info","ts":1669042548.253491,"logger":"authorino","msg":"booting up authorino","version":"6677f083e93f44d8e135bba2c28f3e9075c534ed"} {"level":"info","ts":1669042548.9113479,"logger":"authorino.controller-runtime.metrics","msg":"Metrics server is starting to listen","addr":":8080"} {"level":"info","ts":1669042548.918613,"logger":"authorino","msg":"starting http oidc service","port":8083,"tls":false} {"level":"info","ts":1669042548.9186041,"logger":"authorino","msg":"starting http auth service","port":5001,"tls":false} {"level":"info","ts":1669042548.918738,"logger":"authorino","msg":"starting grpc auth service","port":50051,"tls":false} {"level":"info","ts":1669042548.918807,"logger":"authorino","msg":"starting manager"} {"level":"info","ts":1669042548.920498,"logger":"authorino","msg":"Starting server","path":"/metrics","kind":"metrics","addr":"[::]:8080"} [...](changing a setting...)
$ ./bin/authorino server --log-mode=development 1.669042593415852e+09 INFO authorino setting instance base logger {"min level": "info", "mode": "development"} 1.6690425934159071e+09 INFO authorino booting up authorino {"version": "6677f083e93f44d8e135bba2c28f3e9075c534ed"} 1.669042594070692e+09 INFO authorino.controller-runtime.metrics Metrics server is starting to listen {"addr": ":8080"} 1.6690425940726101e+09 INFO authorino starting http auth service {"port": 5001, "tls": false} 1.669042594072709e+09 INFO authorino starting grpc auth service {"port": 50051, "tls": false} 1.669042594072758e+09 INFO authorino starting http oidc service {"port": 8083, "tls": false} 1.66904259407322e+09 INFO authorino starting manager 1.669042594078783e+09 INFO authorino Starting server {"kind": "health probe", "addr": "[::]:8081"} 1.6690425940790331e+09 INFO authorino.controller.authconfig Starting EventSource {"reconciler group": "authorino.kuadrant.io", "reconciler kind": "AuthConfig", "source": "kind source: *v1beta1.AuthConfig"} 1.669042594079137e+09 INFO authorino.controller.authconfig Starting Controller {"reconciler group": "authorino.kuadrant.io", "reconciler kind": "AuthConfig"} 1.669042594079424e+09 INFO authorino Starting server {"path": "/metrics", "kind": "metrics", "addr": "[::]:8080"} [...](overriding a default...)
$ LOG_MODE=development ./bin/authorino server 1.6690426571355891e+09 INFO authorino setting instance base logger {"min level": "info", "mode": "development"} 1.669042657135644e+09 INFO authorino booting up authorino {"version": "6677f083e93f44d8e135bba2c28f3e9075c534ed"} 1.669042657793045e+09 INFO authorino.controller-runtime.metrics Metrics server is starting to listen {"addr": ":8080"} 1.6690426577955809e+09 INFO authorino starting grpc auth service {"port": 50051, "tls": false} 1.669042657795725e+09 INFO authorino starting http auth service {"port": 5001, "tls": false} 1.6690426577958038e+09 INFO authorino starting http oidc service {"port": 8083, "tls": false} 1.6690426577963278e+09 INFO authorino starting manager 1.6690426577970948e+09 INFO authorino Starting server {"kind": "health probe", "addr": "[::]:8081"} 1.669042657797747e+09 INFO authorino.controller.authconfig Starting EventSource {"reconciler group": "authorino.kuadrant.io", "reconciler kind": "AuthConfig", "source": "kind source: *v1beta1.AuthConfig"} 1.6690426577978098e+09 INFO authorino.controller.authconfig Starting Controller {"reconciler group": "authorino.kuadrant.io", "reconciler kind": "AuthConfig"} 1.669042657798151e+09 INFO authorino.controller.secret Starting EventSource {"reconciler group": "", "reconciler kind": "Secret", "source": "kind source: *v1.Secret"} 1.669042657798193e+09 INFO authorino.controller.secret Starting Controller {"reconciler group": "", "reconciler kind": "Secret"} 1.6690426578002791e+09 INFO authorino Starting server {"path": "/metrics", "kind": "metrics", "addr": "[::]:8080"}(with the specified flag taking precendence over any default...)
$ LOG_MODE=development ./bin/authorino server --log-mode=production {"level":"info","ts":1669042741.941311,"logger":"authorino","msg":"setting instance base logger","min level":"info","mode":"production"} {"level":"info","ts":1669042741.941346,"logger":"authorino","msg":"booting up authorino","version":"6677f083e93f44d8e135bba2c28f3e9075c534ed"} {"level":"info","ts":1669042742.5960379,"logger":"authorino.controller-runtime.metrics","msg":"Metrics server is starting to listen","addr":":8080"} {"level":"info","ts":1669042742.600577,"logger":"authorino","msg":"starting http auth service","port":5001,"tls":false} {"level":"info","ts":1669042742.600686,"logger":"authorino","msg":"starting grpc auth service","port":50051,"tls":false} {"level":"info","ts":1669042742.600745,"logger":"authorino","msg":"starting http oidc service","port":8083,"tls":false} {"level":"info","ts":1669042742.6013372,"logger":"authorino","msg":"starting manager"} {"level":"info","ts":1669042742.6017249,"logger":"authorino","msg":"Starting server","path":"/metrics","kind":"metrics","addr":"[::]:8080"}