-
Notifications
You must be signed in to change notification settings - Fork 193
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Cloud #2998
Cloud #2998
Conversation
While there is a part of me that feels like littering "cloud" term in multiple places feels bad, I think it might be better for the dependencies to organize it in this way. Otherwise, we're drilling down new config sections. So long story short, I like the first and what you have in this PR, I think. Open to pushback though. |
yeah after seeing it written out like this I think I agree. Initially I thought I would like the latter approach, but now I prefer the former. we could still potentially 'guard' everything under experimental with a single key like:
which only if true would mean that the other configs are respected. wdyt? |
@markphelps Hard to say without good insights. I think there should not be |
chore: add config tests and auth chore: add api key for tunnel connection chore: config changes chore: fix server close
* feat: start impl of cloud link * chore: change token param to id_token Signed-off-by: Mark Phelps <209477+markphelps@users.noreply.github.com> * chore: start http server * chore: PR updates Signed-off-by: Mark Phelps <209477+markphelps@users.noreply.github.com> * chore: fix write html Signed-off-by: Mark Phelps <209477+markphelps@users.noreply.github.com> * chore: rm uneeded struct Signed-off-by: Mark Phelps <209477+markphelps@users.noreply.github.com> * chore: fix cue schema Signed-off-by: Mark Phelps <209477+markphelps@users.noreply.github.com> * chore: respond to PR feedback, fix schema * chore: try to fix cli ITs * chore: set min TLS version Signed-off-by: Mark Phelps <209477+markphelps@users.noreply.github.com> --------- Signed-off-by: Mark Phelps <209477+markphelps@users.noreply.github.com>
Signed-off-by: Mark Phelps <209477+markphelps@users.noreply.github.com>
* feat: start cloud serve command * chore: start flipt with new config * feat: validate JWT; retry reverst connections; check for expiry and existing instance * chore: handle error response * chore: add spinner * Revert "chore: add spinner" This reverts commit bb35379. * chore: dont make org/instance/api key required for now Signed-off-by: Mark Phelps <209477+markphelps@users.noreply.github.com> * chore: fix tests Signed-off-by: Mark Phelps <209477+markphelps@users.noreply.github.com> * feat: impl cloud auth (#3045) * feat: impl cloud auth * chore: PR feedback Signed-off-by: Mark Phelps <209477+markphelps@users.noreply.github.com> * chore: fix tests --------- Signed-off-by: Mark Phelps <209477+markphelps@users.noreply.github.com> * chore: use backoff from reverst * chore: fix build Signed-off-by: Mark Phelps <209477+markphelps@users.noreply.github.com> --------- Signed-off-by: Mark Phelps <209477+markphelps@users.noreply.github.com>
Signed-off-by: Mark Phelps <209477+markphelps@users.noreply.github.com>
Signed-off-by: George MacRorie <me@georgemac.com>
Signed-off-by: George MacRorie <me@georgemac.com>
fix(cloud): improve shutdown logging
* chore: check for existing instance in cloud * chore: close body Signed-off-by: Mark Phelps <209477+markphelps@users.noreply.github.com> --------- Signed-off-by: Mark Phelps <209477+markphelps@users.noreply.github.com>
* main: chore(deps): bump golangci/golangci-lint-action from 4.0.0 to 5.3.0 (#3059)
* feat: add cloud audit sink * chore: cant enforce auth always for cloud Signed-off-by: Mark Phelps <209477+markphelps@users.noreply.github.com> * feat: make cloud experimental * chore: fix schema * chore: try to fix tests Signed-off-by: Mark Phelps <209477+markphelps@users.noreply.github.com> * chore: fmt audit payload Signed-off-by: Mark Phelps <209477+markphelps@users.noreply.github.com> * chore: basic cloud audit event test Signed-off-by: Mark Phelps <209477+markphelps@users.noreply.github.com> * chore: telemetry test Signed-off-by: Mark Phelps <209477+markphelps@users.noreply.github.com> * chore: change serve command desc Signed-off-by: Mark Phelps <209477+markphelps@users.noreply.github.com> --------- Signed-off-by: Mark Phelps <209477+markphelps@users.noreply.github.com>
Signed-off-by: Mark Phelps <209477+markphelps@users.noreply.github.com>
g.Go(func() error { | ||
tok, err := flow.Wait(ctx) | ||
if err != nil { | ||
return fmt.Errorf("waiting for token: %w", err) | ||
} | ||
|
||
cloudAuth := cloudAuth{ | ||
Token: tok, | ||
} | ||
|
||
cloudAuthBytes, err := json.Marshal(cloudAuth) | ||
if err != nil { | ||
return fmt.Errorf("marshalling cloud auth token: %w", err) | ||
} | ||
|
||
if err := os.WriteFile(cloudAuthFile, cloudAuthBytes, 0600); err != nil { | ||
return fmt.Errorf("writing cloud auth token: %w", err) | ||
} | ||
|
||
fmt.Println("\n✓ Authenticated with Flipt Cloud!\nYou can now run commands that require cloud authentication.") | ||
|
||
return nil | ||
}) | ||
|
||
g.Go(func() error { | ||
if err := flow.StartServer(nil); err != nil && !errors.Is(err, net.ErrClosed) { | ||
return fmt.Errorf("starting server: %w", err) | ||
} | ||
close(done) | ||
return nil | ||
}) | ||
|
||
g.Go(func() error { | ||
select { | ||
case <-done: | ||
cancel() | ||
case <-ctx.Done(): | ||
if err := flow.Close(); err != nil && !errors.Is(err, context.Canceled) { | ||
return err | ||
} | ||
} | ||
return nil | ||
}) | ||
|
||
g.Go(func() error { | ||
url, err := flow.BrowserURL(fmt.Sprintf("%s/login/device", c.url)) | ||
if err != nil { | ||
return fmt.Errorf("creating browser URL: %w", err) | ||
} | ||
return util.OpenBrowser(url) | ||
}) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Just making a note for future refactoring: lots of goroutines here, which I think have little extra value.
I think we need only one for the blocking server start and then the rest could probably be synchronous with this command.
- go start server
- open browser (looks non-blocking, is that right?)
- flow.Wait which observes context cancelled
- observe token and write out file
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
👏 Nice
Draft PR for cloud/tunnel support for Flipt Hybrid Cloud
We will use this PR as the base for all cloud functionality in Flipt, branching and merging additional PRs off of this branch as we go.