From 5a4901f7bd913db9965f81684815bfb96e4db922 Mon Sep 17 00:00:00 2001 From: Serhii Ponomarenko <116438358+tiptophelmet@users.noreply.github.com> Date: Mon, 22 Apr 2024 01:04:08 +0300 Subject: [PATCH] =?UTF-8?q?=E2=9C=A8=20License=20via=20authentication=20(#?= =?UTF-8?q?1526)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * 🔨 Add `cloudLicenseEnabled` helm value * 🔨 Add `CLOUD_LICENSE_ENABLED` key to `ConfigMap` * 🔨 Add `REACT_APP_CLOUD_LICENSE_ENABLED` `front` env * 🎨 Reformat `ConfigStruct` * 🔧 Set `cloudLicenseEnabled: true` by default * 🔧 Override auth enabled/type if `cloudLicenseEnabled: true` --------- Co-authored-by: Alon Girmonsky <1990761+alongir@users.noreply.github.com> --- config/configStruct.go | 21 ++++++++++--------- helm-chart/templates/06-front-deployment.yaml | 6 ++++-- helm-chart/templates/12-config-map.yaml | 5 +++-- helm-chart/values.yaml | 1 + 4 files changed, 19 insertions(+), 14 deletions(-) diff --git a/config/configStruct.go b/config/configStruct.go index 068bf0bd0e..e23f62e31f 100644 --- a/config/configStruct.go +++ b/config/configStruct.go @@ -87,16 +87,17 @@ type ManifestsConfig struct { } type ConfigStruct struct { - Tap configStructs.TapConfig `yaml:"tap" json:"tap"` - Logs configStructs.LogsConfig `yaml:"logs" json:"logs"` - Config configStructs.ConfigConfig `yaml:"config,omitempty" json:"config,omitempty"` - Kube KubeConfig `yaml:"kube" json:"kube"` - DumpLogs bool `yaml:"dumpLogs" json:"dumpLogs" default:"false"` - HeadlessMode bool `yaml:"headless" json:"headless" default:"false"` - License string `yaml:"license" json:"license" default:""` - Scripting configStructs.ScriptingConfig `yaml:"scripting" json:"scripting"` - Manifests ManifestsConfig `yaml:"manifests,omitempty" json:"manifests,omitempty"` - Timezone string `yaml:"timezone" json:"timezone"` + Tap configStructs.TapConfig `yaml:"tap" json:"tap"` + Logs configStructs.LogsConfig `yaml:"logs" json:"logs"` + Config configStructs.ConfigConfig `yaml:"config,omitempty" json:"config,omitempty"` + Kube KubeConfig `yaml:"kube" json:"kube"` + DumpLogs bool `yaml:"dumpLogs" json:"dumpLogs" default:"false"` + HeadlessMode bool `yaml:"headless" json:"headless" default:"false"` + License string `yaml:"license" json:"license" default:""` + CloudLicenseEnabled bool `yaml:"cloudLicenseEnabled" json:"cloudLicenseEnabled" default:"true"` + Scripting configStructs.ScriptingConfig `yaml:"scripting" json:"scripting"` + Manifests ManifestsConfig `yaml:"manifests,omitempty" json:"manifests,omitempty"` + Timezone string `yaml:"timezone" json:"timezone"` } func (config *ConfigStruct) ImagePullPolicy() v1.PullPolicy { diff --git a/helm-chart/templates/06-front-deployment.yaml b/helm-chart/templates/06-front-deployment.yaml index e188d97d4c..deab1c2dbc 100644 --- a/helm-chart/templates/06-front-deployment.yaml +++ b/helm-chart/templates/06-front-deployment.yaml @@ -27,9 +27,9 @@ spec: - name: REACT_APP_DEFAULT_FILTER value: '{{ not (eq .Values.tap.defaultFilter "") | ternary .Values.tap.defaultFilter " " }}' - name: REACT_APP_AUTH_ENABLED - value: '{{ .Values.tap.auth.enabled }}' + value: '{{ .Values.cloudLicenseEnabled | ternary true .Values.tap.auth.enabled }}' - name: REACT_APP_AUTH_TYPE - value: '{{ not (eq .Values.tap.auth.type "") | ternary .Values.tap.auth.type " " }}' + value: '{{ not (eq .Values.tap.auth.type "") | ternary (.Values.cloudLicenseEnabled | ternary "oidc" .Values.tap.auth.type) " " }}' - name: REACT_APP_AUTH_SAML_IDP_METADATA_URL value: '{{ not (eq .Values.tap.auth.saml.idpMetadataUrl "") | ternary .Values.tap.auth.saml.idpMetadataUrl " " }}' - name: REACT_APP_TIMEZONE @@ -42,6 +42,8 @@ spec: value: '{{ .Values.tap.targetedPodsUpdateDisabled }}' - name: REACT_APP_RECORDING_DISABLED value: '{{ .Values.tap.recordingDisabled }}' + - name: 'REACT_APP_CLOUD_LICENSE_ENABLED' + value: '{{ .Values.cloudLicenseEnabled }}' image: '{{ .Values.tap.docker.registry }}/front:{{ not (eq .Values.tap.docker.tag "") | ternary .Values.tap.docker.tag (printf "v%s" .Chart.Version) }}' imagePullPolicy: {{ .Values.tap.docker.imagePullPolicy }} name: kubeshark-front diff --git a/helm-chart/templates/12-config-map.yaml b/helm-chart/templates/12-config-map.yaml index 7488304ceb..83a0b8295c 100644 --- a/helm-chart/templates/12-config-map.yaml +++ b/helm-chart/templates/12-config-map.yaml @@ -13,8 +13,8 @@ data: INGRESS_ENABLED: '{{ .Values.tap.ingress.enabled }}' INGRESS_HOST: '{{ .Values.tap.ingress.host }}' PROXY_FRONT_PORT: '{{ .Values.tap.proxy.front.port }}' - AUTH_ENABLED: '{{ .Values.tap.auth.enabled | ternary "true" "" }}' - AUTH_TYPE: '{{ .Values.tap.auth.type }}' + AUTH_ENABLED: '{{ .Values.cloudLicenseEnabled | ternary "true" (.Values.tap.auth.enabled | ternary "true" "") }}' + AUTH_TYPE: '{{ .Values.cloudLicenseEnabled | ternary "oidc" (.Values.tap.auth.type) }}' AUTH_SAML_IDP_METADATA_URL: '{{ .Values.tap.auth.saml.idpMetadataUrl }}' AUTH_SAML_ROLE_ATTRIBUTE: '{{ .Values.tap.auth.saml.roleAttribute }}' AUTH_SAML_ROLES: '{{ .Values.tap.auth.saml.roles | toJson }}' @@ -29,3 +29,4 @@ data: PCAP_TTL: '{{ .Values.tap.misc.pcapTTL }}' PCAP_ERROR_TTL: '{{ .Values.tap.misc.pcapErrorTTL }}' TIMEZONE: '{{ not (eq .Values.timezone "") | ternary .Values.timezone " " }}' + CLOUD_LICENSE_ENABLED: '{{ .Values.cloudLicenseEnabled }}' diff --git a/helm-chart/values.yaml b/helm-chart/values.yaml index 6f3c4e3ad0..e89d400665 100644 --- a/helm-chart/values.yaml +++ b/helm-chart/values.yaml @@ -126,6 +126,7 @@ kube: dumpLogs: false headless: false license: "" +cloudLicenseEnabled: true scripting: env: {} source: ""