✨ License via authentication (#1526)

* 🔨 Add `cloudLicenseEnabled` helm value * 🔨 Add `CLOUD_LICENSE_ENABLED` key to `ConfigMap` * 🔨 Add `REACT_APP_CLOUD_LICENSE_ENABLED` `front` env * 🎨 Reformat `ConfigStruct` * 🔧 Set `cloudLicenseEnabled: true` by default * 🔧 Override auth enabled/type if `cloudLicenseEnabled: true` --------- Co-authored-by: Alon Girmonsky <1990761+alongir@users.noreply.github.com>
kubeshark · Apr 21, 2024 · 5a4901f · 5a4901f
1 parent 5a322fc
commit 5a4901f
Show file tree

Hide file tree

Showing 4 changed files with 19 additions and 14 deletions.
diff --git a/config/configStruct.go b/config/configStruct.go
@@ -87,16 +87,17 @@ type ManifestsConfig struct {
 }
 
 type ConfigStruct struct {
-	Tap          configStructs.TapConfig       `yaml:"tap" json:"tap"`
-	Logs         configStructs.LogsConfig      `yaml:"logs" json:"logs"`
-	Config       configStructs.ConfigConfig    `yaml:"config,omitempty" json:"config,omitempty"`
-	Kube         KubeConfig                    `yaml:"kube" json:"kube"`
-	DumpLogs     bool                          `yaml:"dumpLogs" json:"dumpLogs" default:"false"`
-	HeadlessMode bool                          `yaml:"headless" json:"headless" default:"false"`
-	License      string                        `yaml:"license" json:"license" default:""`
-	Scripting    configStructs.ScriptingConfig `yaml:"scripting" json:"scripting"`
-	Manifests    ManifestsConfig               `yaml:"manifests,omitempty" json:"manifests,omitempty"`
-	Timezone     string                        `yaml:"timezone" json:"timezone"`
+	Tap                 configStructs.TapConfig       `yaml:"tap" json:"tap"`
+	Logs                configStructs.LogsConfig      `yaml:"logs" json:"logs"`
+	Config              configStructs.ConfigConfig    `yaml:"config,omitempty" json:"config,omitempty"`
+	Kube                KubeConfig                    `yaml:"kube" json:"kube"`
+	DumpLogs            bool                          `yaml:"dumpLogs" json:"dumpLogs" default:"false"`
+	HeadlessMode        bool                          `yaml:"headless" json:"headless" default:"false"`
+	License             string                        `yaml:"license" json:"license" default:""`
+	CloudLicenseEnabled bool                          `yaml:"cloudLicenseEnabled" json:"cloudLicenseEnabled" default:"true"`
+	Scripting           configStructs.ScriptingConfig `yaml:"scripting" json:"scripting"`
+	Manifests           ManifestsConfig               `yaml:"manifests,omitempty" json:"manifests,omitempty"`
+	Timezone            string                        `yaml:"timezone" json:"timezone"`
 }
 
 func (config *ConfigStruct) ImagePullPolicy() v1.PullPolicy {

diff --git a/helm-chart/templates/06-front-deployment.yaml b/helm-chart/templates/06-front-deployment.yaml
@@ -27,9 +27,9 @@ spec:
             - name: REACT_APP_DEFAULT_FILTER
               value: '{{ not (eq .Values.tap.defaultFilter "") | ternary .Values.tap.defaultFilter " " }}'
             - name: REACT_APP_AUTH_ENABLED
-              value: '{{ .Values.tap.auth.enabled }}'
+              value: '{{ .Values.cloudLicenseEnabled | ternary true .Values.tap.auth.enabled }}'
             - name: REACT_APP_AUTH_TYPE
-              value: '{{ not (eq .Values.tap.auth.type "") | ternary .Values.tap.auth.type " " }}'
+              value: '{{ not (eq .Values.tap.auth.type "") | ternary (.Values.cloudLicenseEnabled | ternary "oidc" .Values.tap.auth.type) " " }}'
             - name: REACT_APP_AUTH_SAML_IDP_METADATA_URL
               value: '{{ not (eq .Values.tap.auth.saml.idpMetadataUrl "") | ternary .Values.tap.auth.saml.idpMetadataUrl " " }}'
             - name: REACT_APP_TIMEZONE
@@ -42,6 +42,8 @@ spec:
               value: '{{ .Values.tap.targetedPodsUpdateDisabled }}'
             - name: REACT_APP_RECORDING_DISABLED
               value: '{{ .Values.tap.recordingDisabled }}'
+            - name: 'REACT_APP_CLOUD_LICENSE_ENABLED'
+              value: '{{ .Values.cloudLicenseEnabled }}'
           image: '{{ .Values.tap.docker.registry }}/front:{{ not (eq .Values.tap.docker.tag "") | ternary .Values.tap.docker.tag (printf "v%s" .Chart.Version) }}'
           imagePullPolicy: {{ .Values.tap.docker.imagePullPolicy }}
           name: kubeshark-front

diff --git a/helm-chart/templates/12-config-map.yaml b/helm-chart/templates/12-config-map.yaml
@@ -13,8 +13,8 @@ data:
     INGRESS_ENABLED: '{{ .Values.tap.ingress.enabled }}'
     INGRESS_HOST: '{{ .Values.tap.ingress.host }}'
     PROXY_FRONT_PORT: '{{ .Values.tap.proxy.front.port }}'
-    AUTH_ENABLED: '{{ .Values.tap.auth.enabled | ternary "true" "" }}'
-    AUTH_TYPE: '{{ .Values.tap.auth.type }}'
+    AUTH_ENABLED: '{{ .Values.cloudLicenseEnabled | ternary "true" (.Values.tap.auth.enabled | ternary "true" "") }}'
+    AUTH_TYPE: '{{ .Values.cloudLicenseEnabled | ternary "oidc" (.Values.tap.auth.type) }}'
     AUTH_SAML_IDP_METADATA_URL: '{{ .Values.tap.auth.saml.idpMetadataUrl }}'
     AUTH_SAML_ROLE_ATTRIBUTE: '{{ .Values.tap.auth.saml.roleAttribute }}'
     AUTH_SAML_ROLES: '{{ .Values.tap.auth.saml.roles | toJson }}'
@@ -29,3 +29,4 @@ data:
     PCAP_TTL: '{{ .Values.tap.misc.pcapTTL }}'
     PCAP_ERROR_TTL: '{{ .Values.tap.misc.pcapErrorTTL }}'
     TIMEZONE: '{{ not (eq .Values.timezone "") | ternary .Values.timezone " " }}'
+    CLOUD_LICENSE_ENABLED: '{{ .Values.cloudLicenseEnabled }}'
diff --git a/helm-chart/values.yaml b/helm-chart/values.yaml
@@ -126,6 +126,7 @@ kube:
 dumpLogs: false
 headless: false
 license: ""
+cloudLicenseEnabled: true
 scripting:
   env: {}
   source: ""