Merge pull request #12 from TykTechnologies/feature/TT-5906/prehook-l…

…icense-validation

[TT-5906] Add pre-install package that verifies dashboard license

.container/image/bootstrap-pre-install/Dockerfile

@@ -0,0 +1,3 @@
+FROM scratch
+
+ADD bootstrapapp-pre-install /app/bin/bootstrap-app-pre-install

.goreleaser.yaml

@@ -37,6 +37,19 @@ builds:
       - CGO_ENABLED=0
     ldflags:
       - -X main.version={{.Version}}
+  -
+    id: "preinstall"
+    main: ./cmd/bootstrap-pre-install
+    binary: bin/bootstrapapp-pre-install
+    goos:
+      - linux
+    goarch:
+      - amd64
+      - arm64
+    env:
+      - CGO_ENABLED=0
+    ldflags:
+      - -X main.version={{.Version}}
 
 
 # https://goreleaser.com/customization/docker/
@@ -97,6 +110,34 @@ dockers:
     use: buildx
     build_flag_templates:
       - "--platform=linux/arm64/v8"
+  -
+    ids:
+      - preinstall
+    image_templates:
+      - "tykio/tyk-k8s-bootstrap-pre-install:latest-amd64"
+      - "tykio/tyk-k8s-bootstrap-pre-install:v{{ .Major }}-amd64"
+      - "tykio/tyk-k8s-bootstrap-pre-install:v{{ .Major }}.{{ .Minor }}-amd64"
+      - "tykio/tyk-k8s-bootstrap-pre-install:{{ .Tag }}-amd64"
+    goos: linux
+    goarch: amd64
+    dockerfile: ".container/image/bootstrap-pre-install/Dockerfile"
+    use: buildx
+    build_flag_templates:
+      - "--platform=linux/amd64"
+  -
+    ids:
+      - preinstall
+    image_templates:
+      - "tykio/tyk-k8s-bootstrap-pre-install:latest-arm64v8"
+      - "tykio/tyk-k8s-bootstrap-pre-install:v{{ .Major }}-arm64v8"
+      - "tykio/tyk-k8s-bootstrap-pre-install:v{{ .Major }}.{{ .Minor }}-arm64v8"
+      - "tykio/tyk-k8s-bootstrap-pre-install:{{ .Tag }}-arm64v8"
+    goos: linux
+    goarch: arm64
+    dockerfile: ".container/image/bootstrap-pre-install/Dockerfile"
+    use: buildx
+    build_flag_templates:
+      - "--platform=linux/arm64/v8"
 
 # https://goreleaser.com/customization/docker_manifest/
 docker_manifests:
@@ -138,4 +179,24 @@ docker_manifests:
   - name_template: "tykio/tyk-k8s-bootstrap-pre-delete:{{ .Tag }}"
     image_templates:
       - "tykio/tyk-k8s-bootstrap-pre-delete:{{ .Tag }}-amd64"
-      - "tykio/tyk-k8s-bootstrap-pre-delete:{{ .Tag }}-arm64v8"
+      - "tykio/tyk-k8s-bootstrap-pre-delete:{{ .Tag }}-arm64v8"
+
+  - name_template: "tykio/tyk-k8s-bootstrap-pre-install:latest"
+    image_templates:
+      - "tykio/tyk-k8s-bootstrap-pre-install:latest-amd64"
+      - "tykio/tyk-k8s-bootstrap-pre-install:latest-arm64v8"
+
+  - name_template: "tykio/tyk-k8s-bootstrap-pre-install:v{{ .Major }}"
+    image_templates:
+      - "tykio/tyk-k8s-bootstrap-pre-install:v{{ .Major }}-amd64"
+      - "tykio/tyk-k8s-bootstrap-pre-install:v{{ .Major }}-arm64v8"
+
+  - name_template: "tykio/tyk-k8s-bootstrap-pre-install:v{{ .Major }}.{{ .Minor }}"
+    image_templates:
+      - "tykio/tyk-k8s-bootstrap-pre-install:v{{ .Major }}.{{ .Minor }}-amd64"
+      - "tykio/tyk-k8s-bootstrap-pre-install:v{{ .Major }}.{{ .Minor }}-arm64v8"
+
+  - name_template: "tykio/tyk-k8s-bootstrap-pre-install:{{ .Tag }}"
+    image_templates:
+      - "tykio/tyk-k8s-bootstrap-pre-install:{{ .Tag }}-amd64"
+      - "tykio/tyk-k8s-bootstrap-pre-install:{{ .Tag }}-arm64v8"

Makefile

@@ -2,21 +2,28 @@ GO_ARG_LINUX=GOOS=linux GOARCH=amd64
 
 SRC_PATH?=$(shell pwd)
 BIN_PATH?=$(SRC_PATH)/bin
+
+BOOTSTRAP_APP_PREINSTALL_NAME=bootstrapapp-pre-install
 BOOTSTRAP_APP_POST_NAME=bootstrapapp-post
 BOOTSTRAP_APP_PREDELETE_NAME=bootstrapapp-pre-delete
 
+BOOTSTRAP_CMD_PREINSTALL_PATH=./cmd/bootstrap-pre-install
 BOOTSTRAP_CMD_POST_PATH=./cmd/bootstrap-post
 BOOTSTRAP_CMD_PREDELETE_PATH=./cmd/bootstrap-pre-delete
 
+build-bootstrap-pre-install:
+	@echo "\n Building bootstrap-pre-install binary"
+	env $(GO_ARG_LINUX) CGO_ENABLED=0 go build -o "$(BIN_PATH)/$(BOOTSTRAP_APP_PREINSTALL_NAME)" -ldflags \
+		"-X main.version=$(MAIN_VERSION)" "$(BOOTSTRAP_CMD_PREINSTALL_PATH)"
 
 build-bootstrap-post:
-	@echo "\n Building bootstrap binary"
-	env $(GO_ARG_LINUX) CGO_ENABLED=0 go build -v -o "$(BIN_PATH)/$(BOOTSTRAP_APP_PATH)$(BOOTSTRAP_APP_POST_NAME)" -ldflags \
+	@echo "\n Building bootstrapapp-post binary"
+	env $(GO_ARG_LINUX) CGO_ENABLED=0 go build -o "$(BIN_PATH)/$(BOOTSTRAP_APP_POST_NAME)" -ldflags \
 		"-X main.version=$(MAIN_VERSION)" "$(BOOTSTRAP_CMD_POST_PATH)"
 
 build-bootstrap-pre-delete:
-	@echo "\n Building bootstrap binary"
-	env $(GO_ARG_LINUX) CGO_ENABLED=0 go build -v -o "$(BIN_PATH)/$(BOOTSTRAP_APP_PATH)$(BOOTSTRAP_APP_PREDELETE_NAME)" -ldflags \
+	@echo "\n Building bootstrapapp-pre-delete binary"
+	env $(GO_ARG_LINUX) CGO_ENABLED=0 go build -o "$(BIN_PATH)/$(BOOTSTRAP_APP_PREDELETE_NAME)" -ldflags \
 		"-X main.version=$(MAIN_VERSION)" "$(BOOTSTRAP_CMD_PREDELETE_PATH)"
 
-build-all: build-bootstrap-post build-bootstrap-pre-delete
+build-all: build-bootstrap-post build-bootstrap-pre-delete build-bootstrap-pre-install

cmd/bootstrap-post/main.go

@@ -7,7 +7,6 @@ import (
 	"os"
 	"tyk/tyk/bootstrap/data"
 	"tyk/tyk/bootstrap/helpers"
-	"tyk/tyk/bootstrap/license"
 	"tyk/tyk/bootstrap/readiness"
 )
 
@@ -18,23 +17,6 @@ func main() {
 		os.Exit(1)
 	}
 
-	dashboardLicenseKey, err := license.GetDashboardLicense()
-	if err != nil {
-		fmt.Println(err)
-		os.Exit(1)
-	}
-
-	licenseIsValid, err := license.ValidateDashboardLicense(dashboardLicenseKey)
-	if err != nil {
-		fmt.Println(err)
-	}
-	if licenseIsValid {
-		fmt.Println("Provided license is valid")
-	} else {
-		fmt.Println("Provided license is invalid")
-		os.Exit(1)
-	}
-
 	err = readiness.CheckIfRequiredDeploymentsAreReady()
 	if err != nil {
 		fmt.Println(err)

cmd/bootstrap-pre-install/main.go

@@ -0,0 +1,17 @@
+package main
+
+import (
+	"fmt"
+	"os"
+	"tyk/tyk/bootstrap/preinstallation"
+)
+
+func main() {
+	err := preinstallation.PreHookInstall()
+	if err != nil {
+		fmt.Printf("Failed to run pre-hook job, err: %v", err)
+		os.Exit(1)
+	}
+
+	fmt.Println("Pre-Hook bootstrapping succeeded, the provided license is valid!")
+}

constants/constants.go

@@ -16,6 +16,7 @@ const (
 	TykDashboardProtoEnvVar             = "TYK_DASHBOARD_PROTO"
 	TykDashboardSvcEnvVar               = "TYK_DASHBOARD_SVC"
 	TykDashboardInsecureSkipVerify      = "TYK_DASHBOARD_INSECURE_SKIP_VERIFY"
+	TykDashboardLicenseEnvVarName       = "TYK_DB_LICENSEKEY"
 	TykDbListenport                     = "TYK_DB_LISTENPORT"
 	TykDbLicensekeyEnvVar               = "TYK_DB_LICENSEKEY"
 	TykAdminSecretEnvVar                = "TYK_ADMIN_SECRET"

license/license.go

@@ -8,12 +8,11 @@ import (
 	"strconv"
 	"strings"
 	"time"
+	"tyk/tyk/bootstrap/constants"
 )
 
-const TykDashboardLicenseEnvVarName = "TYK_DB_LICENSEKEY"
-
 func GetDashboardLicense() (string, error) {
-	license, ok := os.LookupEnv(TykDashboardLicenseEnvVarName)
+	license, ok := os.LookupEnv(constants.TykDashboardLicenseEnvVarName)
 	if !ok {
 		return "", errors.New("license env var is not present")
 	}

preinstallation/preinstallation.go

@@ -0,0 +1,28 @@
+// Package preinstallation exposes an API to run necessary operations required in pre-install hook job of bootstrapping.
+// While bootstrapping Tyk Stack, users need to provide a valida Tyk License key.
+// In the pre-hook installation, the helper functions defined in this package verifies the validity of the license.
+package preinstallation
+
+import (
+	"errors"
+	"tyk/tyk/bootstrap/license"
+)
+
+// PreHookInstall runs all required license validation operations that are required in pre-install hook.
+func PreHookInstall() error {
+	dashboardLicenseKey, err := license.GetDashboardLicense()
+	if err != nil {
+		return err
+	}
+
+	licenseIsValid, err := license.ValidateDashboardLicense(dashboardLicenseKey)
+	if err != nil {
+		return err
+	}
+
+	if !licenseIsValid {
+		return errors.New("provided license is invalid")
+	}
+
+	return nil
+}